ICS 101 Fall 2013 Networking and the Internet
Asst. Prof. Lipyeow Lim
Information & Computer Science Department
University of Hawaii at Manoa
11/26/2013 Lipyeow Lim -- University of Hawaii at Manoa

Problem
• Ancient cities G and R have made a pact that each will come to the (military) aid of the other if one is in trouble
G & R are 150 miles apart. How can they send a message for help quickly?
[Figure: Ancient City G and Ancient City R, 150 miles apart]

LOTR Beacon of Gondor
• Video: http://www.youtube.com/watch?v=i6LGJ7evrAg
• Transmission medium: air, line of sight
• Data encoding: 1 bit – fire or no fire
• All receivers have to be listening
• Agreed upon interpretation of the signal at the endpoints
• Intermediate beacon wardens are always looking for a signal and relaying the signal
• One way communication
[Figure: Gondor and Rohan, 150 miles apart]

Modern Computer Networks
• Signaling technology can transmit complex sequences of bits - packets
• Each host or router obeys a set of rules for how to handle incoming/outgoing messages – communication protocols
• Communications can be multi-way
• Bandwidth: the number of bits that can be transferred per second (bps)
• Latency: the time it takes for a message to reach the destination after leaving the source
[Figure: host computers on a local area network (Ethernet or WiFi), linked through routers joined by fibre optic cables]

Quiz 1
• What is the bandwidth between two communicating nodes A & B?
a) How long it takes for 1 bit to travel from A to B
b) How much data can travel from A to B in one unit time
c) How far apart A and B are
d) How long it takes a beam of light to travel from A to B

Quiz 2
• What is the latency between two communicating nodes A & B?
a) How long it takes for 1 bit to travel from A to B
b) How much data can travel from A to B in one unit time
c) How far apart A and B are
d) How long it takes a beam of light to travel from A to B

Local Area Networks
• Wired (UTP Cat5) or Wireless 802.11
• Connects hosts within a limited spatial region together to form a network
• All hosts within the network can “talk” to each other
• The network is often a shared medium: only one host can talk at one time and the rest listen

Data Packet
• How messages are packaged for delivery on the network – like postal mail
• Source and destination addresses

Network Abstractions
• Network communications are conceived as layers of abstractions
• Each layer plays a specific role and is relatively independent of other layers
• Each layer has its own packet format
• Packets from higher layers are embedded in packets of lower layers – “encapsulation”
[Figure: three Application / Transport / Internet / Link stacks joined by a Network, over a Physical Network]

TCP/IP Four Layer Model
Application
• Process to process: communicates data to other processes/applications on the same host or on other hosts
• E.g. SMTP, FTP, SSH, HTTP
Transport
• Host to host: communicates data to other hosts on the same network or on other networks
• Hides the topology of the network
• Flow control, error correction, connection control
• E.g. TCP, UDP
Internet
• Inter-network: communicates data to other networks
• Deals with addressing and routing of datagrams to next network
• E.g. IPv4, IPv6
Link
• Transmit data to other network interfaces on the local network
• E.g. Ethernet, WiFi 802.11

Link Layer
Data packet arrives from upper layer (Internet layer)
• If packet is too big, break packet into smaller fragments (‘frames’)
• Embed data packet in a link layer packet with link layer header, sequence number, error correction code, etc.
• Link layer packets get transmitted on physical link
• Link layer protocol governs how transmission over physical link is done. E.g. Carrier sense multiple access
Bottom-up process is similar on the receiving host
[Figure: two Application / Transport / Internet / Link stacks connected by a Physical Network]
• E.g. Ethernet, WiFi 802.11
• A host can have multiple network interface cards (e.g. laptops typically have an Ethernet interface and a WiFi interface)
• Each interface has a 48-bit physical address that is hardwired to the hardware

Internet Layer
Data packet arrives from Transport layer
• Embed data packet in an IPv4 packet with IP header, etc.
• Pass packet to Link layer
Data packet arrives from Link layer
• Check IP header if packet destination is for this host. If yes, strip header and pass to Transport layer
• Otherwise forward packet (routing)
[Figure: two Application / Transport / Internet / Link stacks connected by a Physical Network]
• E.g. IPv4
• Connects multiple networks together
• Each network interface of a host is associated with a 32-bit IPv4 address
• IP address is not hardwired but assigned in the software

IPv4 Addresses & Domain Name Service
• IP addresses are 32 bit numbers often written in 4 octets: 128.171.10.13
• Each address is also split into two parts
  – Prefix is the network address
  – Suffix is the host address within that network
• Domain Name Servers provide a service that translates more meaningful names to IP addresses
  – Uhunix.hawaii.edu = 128.171.24.197
  – www2.hawaii.edu = 128.171.224.150
[Figure: 128 . 171 . 10 . 13 laid out across bits 0 to 31, divided at bit 16 into Network Address and Host Address]

IPv4 & Inter-network Routing
For routers
• Examine destination IP address
• Look up routing tables to determine outgoing network
• Pass packet to link layer of that outgoing network
• Best effort delivery – no guarantees
[Figure: two hosts with Application / Transport / Internet / Link stacks on Ethernet networks, joined by two routers (Internet / Link layers only) across a fibre network]
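
The prefix/suffix split and the router's table lookup described on the last three slides, as an added example that is not part of the original slides. It goes one step beyond them by choosing the most specific (longest-prefix) matching route; the 16-bit prefix follows the figure, and the routing table and link names are constructed for illustration.

```python
import ipaddress

# Constructed routing table: (destination network, outgoing link).
# The link names are hypothetical.
ROUTES = [
    (ipaddress.ip_network("128.171.0.0/16"), "ethernet0"),
    (ipaddress.ip_network("128.171.224.0/24"), "ethernet1"),
    (ipaddress.ip_network("0.0.0.0/0"), "fibre0"),  # default route
]


def split_address(addr, prefix_len=16):
    """Split a dotted-quad address into (network address, host number)."""
    value = int(ipaddress.IPv4Address(addr))
    host_bits = 32 - prefix_len
    network = ipaddress.IPv4Address((value >> host_bits) << host_bits)
    host = value & ((1 << host_bits) - 1)
    return str(network), host


def lookup(dest, routes=ROUTES):
    """Return the outgoing link for dest: the matching route with the longest prefix."""
    ip = ipaddress.IPv4Address(dest)
    best = None
    for network, link in routes:
        if ip in network and (best is None or network.prefixlen > best[0].prefixlen):
            best = (network, link)
    return best[1] if best else None


def handle_packet(dest, local_addrs, routes=ROUTES):
    """Internet-layer decision for one packet: deliver, forward or drop."""
    if dest in local_addrs:
        return ("deliver", None)      # strip the IP header, pass up to Transport
    link = lookup(dest, routes)
    if link is None:
        return ("drop", "no route")   # best effort: nothing guarantees delivery
    return ("forward", link)          # hand to the Link layer of that network


if __name__ == "__main__":
    print(split_address("128.171.10.13"))
    for dest in ("128.171.10.13", "128.171.224.150", "192.0.2.1"):
        print(dest, handle_packet(dest, {"128.171.10.13"}))
```
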

Transport Layer
TCP provides a reliable communication channel between two host applications by addressing several issues
• Data packets arriving out of order
• Data packets are corrupted
• Same packets arriving more than once
• Some packets are lost/discarded
• Traffic congestion control
[Figure: two Application / Transport / Internet / Link stacks connected by a Physical Network]
• E.g. TCP (connection-oriented), UDP
• End-to-end message transfer between hosts applications
• Each application on a host is associated with a port number
• IP address + port number will identify an application end-point

Applications: Email
• Your email client program downloads incoming emails from mail server (imap.gmail.com, pop.gmail.com)
• Outgoing emails are sent to mail server (smtp.gmail.com)
• Mail servers handle the routing of emails using SMTP protocol, which operates on port 25 or 587
  – Lookup IP address of destination hostname in the email address using DNS
  – Relaying email as packets to that IP address
[Figure: two mail clients and two mail servers, each with a POP/IMAP/SMTP / Transport (TCP) / Internet (IPv4) / Link stack, connected through networks and the Internet]

Sample Email Header
Delivered-To: strevguhrelayhawaiiedu
Received: by 10581456 with SMTP id sq6csp687725veb;
    Mon, 3 Sep 2012 20:39:01 -0700 (PDT)
Received: by 106812938 with SMTP id nt6mr43102232pbb761346729940698;
    Mon, 03 Sep 2012 20:39:00 -0700 (PDT)
Return-Path: <postmaster@laulima.hawaii.edu>
Received: from mta11.its.hawaii.edu (mta11.its.hawaii.edu [128.171.224.147])
    by mx.google.com with ESMTPS id px6si25354378pbc21420120903203853
    (version=TLSv1/SSLv3 cipher=RC4-MD5);
    Mon, 03 Sep 2012 20:39:00 -0700 (PDT)
Received-SPF: pass (google.com: domain of postmaster@laulima.hawaii.edu designates 128.171.224.58 as permitted sender) client-ip=128.171.224.58;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of postmaster@laulima.hawaii.edu designates 128.171.224.58 as permitted sender) smtp.mail=postmaster@laulima.hawaii.edu
MIME-version: 1.0
Content-type: multipart/mixed; boundary=Boundary_(ID_3RY8N2VbJHb4tH5siR1eww)
Received: from pmx11.its.hawaii.edu (pmx11.its.hawaii.edu [128.171.224.58])
    by mta11.its.hawaii.edu (Sun Java(tm) System Messaging Server 63-1101 (built Feb 12 2010 32bit))
    with ESMTP id <0M9T0071I3GJ4F40@mta11.its.hawaii.edu>;
    Mon, 03 Sep 2012 17:38:45 -1000 (HST)
Received: from kuhi.its.hawaii.edu (kuhi.its.hawaii.edu [12817125223])
    by pmx11.its.hawaii.edu (Postfix) with ESMTP id E587118C023;
    Mon, 03 Sep 2012 17:38:42 -1000 (HST)
Received: from sak24.its.hawaii.edu (sak24.its.hawaii.edu [128.171.225.199])
    by kuhi.its.hawaii.edu (812108126) with ESMTP id q843ccvH023430;
    Mon, 03 Sep 2012 17:38:38 -1000 (HST)
Date: Mon, 03 Sep 2012 17:38:33 -1000 (HST)
From: Dennis Streveler <strev@hawaii.edu>
Cc: strev@hawaii.edu <strev@hawaii.edu>
Message-id: <11298755423101346729913602.JavaMail.sakai@sak24.its.hawaii.edu>
Subject: ICS 101 Help Tuesday lecture -- Everything you THOUGHT you knew about NETWORKS and then some
X-Mailer: sakai-mailsender
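
Reading the relay chain out of a header like the sample above, as an added example that is not part of the original slides: it lists the Received hops oldest first and flags hops that carried the mail without TLS or under a weak cipher such as the RC4-MD5 seen in the sample. The message, host names and IDs below are constructed placeholders modelled on that sample.

```python
import re
from email import message_from_string

# Constructed message modelled on the slide's sample; hosts and IDs are placeholders.
RAW = """\
Received: from mta.example.edu (mta.example.edu [192.0.2.147])
\tby mx.example.com with ESMTPS id aaa111
\t(version=TLSv1/SSLv3 cipher=RC4-MD5);
\tMon, 03 Sep 2012 20:39:00 -0700 (PDT)
Received: from filter.example.edu (filter.example.edu [192.0.2.58])
\tby mta.example.edu with ESMTP id bbb222;
\tMon, 03 Sep 2012 17:38:45 -1000 (HST)
Received: from app.example.edu (app.example.edu [192.0.2.199])
\tby filter.example.edu (Postfix) with ESMTP id ccc333;
\tMon, 03 Sep 2012 17:38:42 -1000 (HST)
From: Sender <sender@example.edu>
Subject: constructed sample

body
"""

# "with" keywords that indicate the hop ran over TLS (RFC 3848).
TLS_PROTOCOLS = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA"}
WEAK_MARKERS = ("RC4", "MD5", "DES", "NULL", "EXPORT")


def trace_hops(raw):
    """Return the Received hops in the order the message travelled (oldest first)."""
    msg = message_from_string(raw)
    hops = []
    # Each server prepends its own Received line, so the header order is newest first.
    for value in reversed(msg.get_all("Received", [])):
        text = " ".join(value.split())  # undo header folding
        sender = re.search(r"\bfrom\s+(\S+)", text)
        receiver = re.search(r"\bby\s+(\S+)", text)
        proto = re.search(r"\bwith\s+(\S+)", text)
        cipher = re.search(r"\bcipher=([^\s;)]+)", text)
        protocol = proto.group(1).upper() if proto else None
        hops.append({
            "from": sender.group(1) if sender else None,
            "by": receiver.group(1) if receiver else None,
            "protocol": protocol,
            "tls": protocol in TLS_PROTOCOLS,
            "cipher": cipher.group(1) if cipher else None,
        })
    return hops


def findings(hops):
    """Flag hops that crossed the network in plaintext or under a weak cipher."""
    out = []
    for number, hop in enumerate(hops, 1):
        if not hop["tls"]:
            out.append((number, "plaintext hop"))
        elif hop["cipher"] and any(m in hop["cipher"].upper() for m in WEAK_MARKERS):
            out.append((number, "weak cipher " + hop["cipher"]))
    return out


if __name__ == "__main__":
    hops = trace_hops(RAW)
    for hop in hops:
        print(hop)
    print(findings(hops))
```

Received lines written by servers outside your control are unauthenticated text, so only the hops recorded by your own mail servers can be relied on.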

Applications: HTTP
• Hyper-Text Transfer Protocol (port 80)
• Request-response protocol
• When http://www2.hawaii.edu/~lipyeow/index.html is entered into a web browser (http client)
[Figure: HTTP client and HTTP server, each with an HTTP / Transport (TCP) / Internet (IPv4) / Link stack, connected through the Internet]
Request:
    GET /~lipyeow/index.html HTTP/1.1
    host: www2.hawaii.edu
Response:
    HTTP/1.1 200 OK
    Date: Sun, 02 Sep 2012 00:35:40 GMT
    Server: Apache
    Last-Modified: Tue, 21 Aug 2012 01:27:18 GMT
    ETag: "7d3e8-2950-4c7bc86e86980"
    Accept-Ranges: bytes
    Content-Length: 10576
    Content-Type: text/html
    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML>

Internet Security
• All data transmitted on the network using the protocols described thus far are in plaintext
• Anyone with access to the physical network link can snoop on the bit sequences and decode according to the protocol stack
• Anyone can read your emails if he/she has access to a link on which your email packets are transmitted
• Use encrypted connections, e.g. SSL/TLS
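
What "decode according to the protocol stack" means in practice, as an added example that is not part of the original slides: the sender encapsulates the HTTP request from the earlier slide layer by layer, and a listener strips the same headers to recover it, then checks whether the payload is readable plaintext or a TLS record. The MAC and IP addresses, port numbers and the TLS record bytes are constructed, and checksums are left at zero.

```python
import ipaddress
import struct

# Constructed sample values; the IP addresses are documentation ranges, not real hosts.
SRC_MAC, DST_MAC = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
SRC_IP = ipaddress.IPv4Address("192.0.2.10")
DST_IP = ipaddress.IPv4Address("198.51.100.80")
HTTP_REQUEST = b"GET /~lipyeow/index.html HTTP/1.1\r\nHost: www2.hawaii.edu\r\n\r\n"
# Constructed TLS application-data record: type 0x17, version 3.3, length 8, opaque bytes.
TLS_RECORD = bytes.fromhex("1703030008") + bytes.fromhex("9f3ac1e07b5d2248")


def encapsulate(payload, dst_port):
    """Sender side: wrap the application message in TCP, IPv4 and Ethernet headers."""
    # TCP: src port, dst port, seq, ack, data offset + flags (PSH, ACK), window, checksum, urgent
    tcp = struct.pack("!HHIIHHHH", 49152, dst_port, 1, 1, (5 << 12) | 0x018, 65535, 0, 0)
    segment = tcp + payload
    # IPv4: version/IHL, TOS, total length, id, flags/fragment, TTL, protocol 6 = TCP, checksum
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0, 0, 64, 6, 0,
                     SRC_IP.packed, DST_IP.packed)
    # Ethernet: destination MAC, source MAC, EtherType 0x0800 = IPv4
    eth = struct.pack("!6s6sH", DST_MAC, SRC_MAC, 0x0800)
    return eth + ip + segment


def decode(frame):
    """Listener side: strip each header in turn, following the protocol stack."""
    _dst, _src, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != 0x0800:
        raise ValueError("not an IPv4 packet")
    packet = frame[14:]
    header_len = (packet[0] & 0x0F) * 4
    total_len = struct.unpack("!H", packet[2:4])[0]
    if packet[9] != 6:
        raise ValueError("not a TCP segment")
    segment = packet[header_len:total_len]
    src_port, dst_port = struct.unpack("!HH", segment[:4])
    data_offset = (segment[12] >> 4) * 4
    return {
        "src": f"{ipaddress.IPv4Address(packet[12:16])}:{src_port}",
        "dst": f"{ipaddress.IPv4Address(packet[16:20])}:{dst_port}",
        "payload": segment[data_offset:],
    }


def classify(payload):
    """Tell a TLS record from readable plaintext by its first bytes."""
    if len(payload) >= 5 and payload[0] in (0x14, 0x15, 0x16, 0x17) and payload[1] == 0x03:
        return "tls-record"
    if payload and all(32 <= b < 127 or b in (9, 10, 13) for b in payload):
        return "plaintext"
    return "unknown"


if __name__ == "__main__":
    for message, port in ((HTTP_REQUEST, 80), (TLS_RECORD, 443)):
        seen = decode(encapsulate(message, port))
        print(seen["src"], "->", seen["dst"], classify(seen["payload"]), seen["payload"])
```

With TLS the payload becomes opaque, but the addresses and port numbers in the lower-layer headers stay readable to anyone on the link.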

Secure HTTP -- HTTPS
• Use HTTP over a SSL/TLS layer (port 443)
• Negotiate a stateful encrypted connection to carry the HTTP messages
• Use a trusted 3rd party (CA) to verify identity
• Use public key handshake to establish a session key
• Encrypt subsequent messages using session key
[Figure: HTTPS client and HTTPS server, each with an HTTP / SSL/TLS / Transport (TCP) / Internet (IPv4) / Link stack, and a Certificate Authority; labelled exchanges: certificate, verify certificate, session key, HTTP messages]

Worksheet Questions
1. Packets are the unit of transfer between two communicating nodes. Name two fields in a packet format.
2. Recall the TCP/IP 4-layer model. Name one possible protocol/technology at the link layer.
- ICS 101 Fall 2013 Networking and the Internet
- Problem
- LOTR Beacon of Gondor
- Modern Computer Networks
- Quiz 1
- Quiz 2
- Local Area Networks
- Data Packet
- Network Abstractions
- TCPIP Four Layer Model
- Link Layer
- Internet Layer
- IPv4 Addresses amp Domain Name Service
- IPv4 amp Inter-network Routing
- Transport Layer
- Applications Email
- Sample Email Header
- Applications HTTP
- Internet Security
- Secure HTTP -- HTTPS
- Worksheet Questions
-
2
Problembull Ancient cities G and R have a made a pact that
each will come to the (military) aid of the other if one is in trouble
11262013 Lipyeow Lim -- University of Hawaii at Manoa
AncientCity G Ancient
City R150 miles
G amp R are 150 miles apart How can they send a message for help
quickly
3
LOTR Beacon of Gondor
bull Video httpwwwyoutubecomwatchv=i6LGJ7evrAgbull Transmission medium air- line of sightbull Data encoding 1 bit ndash fire or no firebull All receivers have to be listeningbull Agreed upon interpretation of the signal at the endpointsbull Intermediate beacon wardens are always looking for a
signal and relaying the signalbull One way communication11262013 Lipyeow Lim -- University of Hawaii at Manoa
Gondor Rohan150 miles
4
Modern Computer Networks
bull Signaling technology can transmit complex sequences of bits - packetsbull Each host or router obeys a set of rules for how to handle
incomingoutgoing messages ndash communication protocolsbull Communications can be multi-waybull Bandwidth the number of bits that can be transferred per second
(bps)bull Latency the time it takes for a message to reach the destination after
leaving the source
11262013 Lipyeow Lim -- University of Hawaii at Manoa
Host computer
Host computer
Router Router Router
Fibre optic cables
Ethernet or WiFi
Host computer
Local area network
5
Quiz 1
bull What is the bandwidth between two communicating nodes A amp Ba) How long it takes for 1 bit to travel from A to Bb) How much data can travel from A to B in one
unit timec) How far apart A and B ared) How long it takes a beam of light to travel from A
to B
11262013 Lipyeow Lim -- University of Hawaii at Manoa
6
Quiz 2
bull What is the latency between two communicating nodes A amp B
a) How long it takes for 1 bit to travel from A to Bb) How much data can travel from A to B in one
unit timec) How far apart A and B ared) How long it takes a beam of light to travel from A
to B
11262013 Lipyeow Lim -- University of Hawaii at Manoa
7
Local Area Networks
bull Wired (UTP Cat5) or Wireless 80211bull Connects hosts within a limited spatial region together to form
a networkbull All hosts within the network can ldquotalkrdquo to each otherbull The network is often a shared medium only one host can talk
at one time and the rest listens11262013 Lipyeow Lim -- University of Hawaii at Manoa
8
Data Packetbull How messages are packaged for
delivery on the network ndash like postal mail
bull Source and destination addresses
11262013 Lipyeow Lim -- University of Hawaii at Manoa
9
Network Abstractionsbull Network communications
are conceived as layers of abstractions
bull Each layer plays a specific role and is relatively independent of other layers
bull Each layer has its own packet format
bull Packets from higher layers are embedded in packets of lower layers ndash ldquoencapsulationrdquo
11262013 Lipyeow Lim -- University of Hawaii at Manoa
Network
Application
Transport
Internet
Link
Application
Transport
Internet
Link
Application
Transport
Internet
Link
Physical Network
10
TCPIP Four Layer Model
11262013 Lipyeow Lim -- University of Hawaii at Manoa
Application
Transport
Internet
Link
bull Process to process communicates data to other processesapplications on the same host or on other hosts
bull Eg SMTP FTP SSH HTTP
bull Host to host communicates data to other host on the same network on on other networks
bull Hides the topology of the networkbull Flow control error correction connection controlbull Eg TCP UDP
bull Inter-network communicates data to other networksbull Deals with addressing and routing of datagrams to next
networkbull Eg IPv4 IPv6
bull Transmit data to other network interfaces on the local networkbull Eg Ethernet WiFi 80211
11
Link Layer
Data packet arrives from upper layer (Internet layer)bull If packet is too big break packet into smaller fragments (`framesrsquo)bull Embed data packet in a link layer packet with link layer header sequence
number error correction code etcbull Link layer packets gets transmitted on physical linkbull Link layer protocol governs how transmission over physical link is done Eg
Carrier sense multiple accessBottom-up process is similar on the receiving host
11262013 Lipyeow Lim -- University of Hawaii at Manoa
Application
Transport
Internet
Link
Application
Transport
Internet
Link
Physical Network
bull Eg Ethernet WiFi 80211bull A host can have multiple network interface
cards (eg Laptops typically have an ethernet interface and a WiFi interface)
bull Each interface has a 48-bit physical address that is hardwired to the hardware
12
Internet Layer
Data packet arrives from Transport layerbull Embed data packet in an IPv4 packet with IP header etcbull Pass packet to Link layer
Data packet arrives from Link layerbull Check IP header if packet destination is for this host If yes strip header and
pass to Transport layerbull Otherwise forward packet (routing)11262013 Lipyeow Lim -- University of Hawaii at Manoa
Application
Transport
Internet
Link
Application
Transport
Internet
Link
Physical Network
bull Eg IPv4bull Connects multiple networks togetherbull Each network interface of a host is
associated with an 32-bit IPv4 addressbull IP address is not hardwired but assigned in
the software
13
IPv4 Addresses amp Domain Name Service
bull IP addresses are 32 bit numbers often written in 4 octets 1281711013
bull Each address is also split into two partsndash Prefix is the network addressndash Suffix is the host address within that network
bull Domain Name Servers provide a service that translates more meaningful names to IP addressesndash Uhunixhawaiiedu = 12817124197ndash www2hawaiiedu = 128171224150
11262013 Lipyeow Lim -- University of Hawaii at Manoa
128 171 10 13
Network Address Host Address
0 3116
14
IPv4 amp Inter-network Routing
For routersbull Examine destination IP addressbull Look up routing tables to determine outgoing networkbull Pass packet to link layer of that outgoing networkbull Best effort delivery ndash no guarantees
11262013 Lipyeow Lim -- University of Hawaii at Manoa
Application
Transport
Internet
LinkInternet
Link
Ethernet Network
Internet
Link
Application
Transport
Internet
Link
Ethernet NetworkFibre Network
host host
RouterRouter
15
Transport Layer
TCP provides a reliable communication channel between two host applications by addressing several issues
bull Data packets arriving out of orderbull Data packets are corruptedbull Same packets arriving more than oncebull Some packets are lostdiscardedbull Traffic congestion control
11262013 Lipyeow Lim -- University of Hawaii at Manoa
Application
Transport
Internet
Link
Application
Transport
Internet
Link
Physical Network
bull Eg TCP (connection-oriented) UDPbull End-to-end message transfer between
hosts applicationsbull Each application on a host is associated
with a port numberbull IP address + port number will identify an
application end-point
16
Applications Email
bull Your email client program downloads incoming emails from mail server (imapgmailcom popgmailcom)
bull Outgoing emails are sent to mail server (smtpgmailcom)bull Mail servers handle the routing of emails using SMTP protocol which
operates on port 25 or 587ndash Lookup IP address of destination hostname in the email address using DNSndash Relaying email as packets to that IP address
11262013 Lipyeow Lim -- University of Hawaii at Manoa
POPIMAPSMTP
Transport TCP
Internet IPv4
Link
POPIMAPSMTP
Transport TCP
Internet IPv4
Link
Network
Mail Server Mail Server
Network Internet
POPIMAPSMTP
Transport TCP
Internet IPv4
Link
POPIMAPSMTP
Transport TCP
Internet IPv4
Link
Mail Client Mail Client
17
Sample Email HeaderDelivered-To strevguhrelayhawaiieduReceived by 10581456 with SMTP id sq6csp687725veb
Mon 3 Sep 2012203901 -0700 (PDT)Received by 106812938 with SMTP id
nt6mr43102232pbb761346729940698 Mon03 Sep 2012 203900 -0700 (PDT)Return-Path ltpostmasterlaulimahawaiiedugtReceived from mta11itshawaiiedu (mta11itshawaiiedu
[128171224147])by mxgooglecom with ESMTPS id
px6si25354378pbc21420120903203853(version=TLSv1SSLv3 cipher=RC4-MD5) Mon 03 Sep 2012
203900 -0700 (PDT)Received-SPF pass (googlecom domain of
postmasterlaulimahawaiiedudesignates 12817122458 as permitted sender) client-ip=
12817122458Authentication-Results mxgooglecom spf=pass (googlecom
domain ofpostmasterlaulimahawaiiedu designates 12817122458
as permitted sender)smtpmail=postmasterlaulimahawaiieduMIME-version 10Content-type multipartmixed
boundary=Boundary_(ID_3RY8N2VbJHb4tH5siR1eww)
Received from pmx11itshawaiiedu (pmx11itshawaiiedu [12817122458]) by
mta11itshawaiiedu (Sun Java(tm) System Messaging Server 63-1101 (built
Feb 12 2010 32bit)) with ESMTP id lt0M9T0071I3GJ4F40mta11itshawaiiedugt
Mon 03 Sep 2012 173845 -1000 (HST)Received from kuhiitshawaiiedu (kuhiitshawaiiedu
[12817125223]) bypmx11itshawaiiedu (Postfix) with ESMTP id E587118C023
Mon 03 Sep 2012173842 -1000 (HST)Received from sak24itshawaiiedu (sak24itshawaiiedu
[128171225199])by kuhiitshawaiiedu (812108126) with ESMTP id
q843ccvH023430 Mon 03Sep 2012 173838 -1000 (HST)Date Mon 03 Sep 2012 173833 -1000 (HST)From Dennis Streveler ltstrevhawaiiedugtCc strevhawaiiedu ltstrevhawaiiedugtMessage-id lt
11298755423101346729913602JavaMailsakaisak24itshawaiiedugt
Subject ICS 101 Help Tuesday lecture -- Everything you THOUGHT you knew
about NETWORKS and then someX-Mailer sakai-mailsender
11262013 Lipyeow Lim -- University of Hawaii at Manoa
18
Applications HTTP
11262013 Lipyeow Lim -- University of Hawaii at Manoa
HTTP
Transport TCP
Internet IPv4
Link
HTTP Server
Internet
HTTP
Transport TCP
Internet IPv4
Link
HTTP Clientbull Hyper-Text Transfer Protocol
(port 80)bull Request-response protocolbull When
httpwww2hawaiiedu~lipyeowindexhtml is entered into a web browser (http client)
HTTP11 200 OKDate Sun 02 Sep 2012 003540 GMTServer ApacheLast-Modified Tue 21 Aug 2012 012718 GMTETag 7d3e8-2950-4c7bc86e86980Accept-Ranges bytesContent-Length 10576Content-Type texthtmlltDOCTYPE HTML PUBLIC -W3CDTD HTML 40 TransitionalENgt ltHTMLgt
GET ~lipyeowindexhtml HTTP11host www2hawaiiedu
19
Internet Securitybull All data transmitted on the network using the
protocols described thus far are in plaintext
11262013 Lipyeow Lim -- University of Hawaii at Manoa
bull Anyone with access to the physical network link can snoop on the bit sequences and decode according to the protocol stack
bull Anyone can read your emails if heshe has access to a link on which your email packets are transmitted
bull Use encrypted connections eg SSLTLS
20
Secure HTTP -- HTTPS
bull Use HTTP over a SSLTLS layer (port 443)bull Negotiate a stateful encrypted connection to carry the
HTTP messagesbull Use a trusted 3rd party (CA) to verify identitybull Use public key handshake to establish a session keybull Encrypt subsequent messages using session key 11262013 Lipyeow Lim -- University of Hawaii at Manoa
HTTPSSLTLSTransport TCP
Internet IPv4
Link
HTTPS Server
HTTPSSLTLS
Transport TCP
Internet IPv4
Link
HTTPS Client
Certificate Authority
certificatecertificate
session key
verify certificate verify certificate
HTTP messages
21
Worksheet Questions
1 Packets are the unit of transfer between two communicating nodes Name two fields in a packet format
2 Recall the TCPIP 4-layer model Name one possible protocoltechnology at the link layer
11262013 Lipyeow Lim -- University of Hawaii at Manoa
- ICS 101 Fall 2013 Networking and the Internet
- Problem
- LOTR Beacon of Gondor
- Modern Computer Networks
- Quiz 1
- Quiz 2
- Local Area Networks
- Data Packet
- Network Abstractions
- TCPIP Four Layer Model
- Link Layer
- Internet Layer
- IPv4 Addresses amp Domain Name Service
- IPv4 amp Inter-network Routing
- Transport Layer
- Applications Email
- Sample Email Header
- Applications HTTP
- Internet Security
- Secure HTTP -- HTTPS
- Worksheet Questions
-
3
LOTR Beacon of Gondor
bull Video httpwwwyoutubecomwatchv=i6LGJ7evrAgbull Transmission medium air- line of sightbull Data encoding 1 bit ndash fire or no firebull All receivers have to be listeningbull Agreed upon interpretation of the signal at the endpointsbull Intermediate beacon wardens are always looking for a
signal and relaying the signalbull One way communication11262013 Lipyeow Lim -- University of Hawaii at Manoa
Gondor Rohan150 miles
4
Modern Computer Networks
bull Signaling technology can transmit complex sequences of bits - packetsbull Each host or router obeys a set of rules for how to handle
incomingoutgoing messages ndash communication protocolsbull Communications can be multi-waybull Bandwidth the number of bits that can be transferred per second
(bps)bull Latency the time it takes for a message to reach the destination after
leaving the source
11262013 Lipyeow Lim -- University of Hawaii at Manoa
Host computer
Host computer
Router Router Router
Fibre optic cables
Ethernet or WiFi
Host computer
Local area network
5
Quiz 1
bull What is the bandwidth between two communicating nodes A amp Ba) How long it takes for 1 bit to travel from A to Bb) How much data can travel from A to B in one
unit timec) How far apart A and B ared) How long it takes a beam of light to travel from A
to B
11262013 Lipyeow Lim -- University of Hawaii at Manoa
6
Quiz 2
bull What is the latency between two communicating nodes A amp B
a) How long it takes for 1 bit to travel from A to Bb) How much data can travel from A to B in one
unit timec) How far apart A and B ared) How long it takes a beam of light to travel from A
to B
11262013 Lipyeow Lim -- University of Hawaii at Manoa
7
Local Area Networks
bull Wired (UTP Cat5) or Wireless 80211bull Connects hosts within a limited spatial region together to form
a networkbull All hosts within the network can ldquotalkrdquo to each otherbull The network is often a shared medium only one host can talk
at one time and the rest listens11262013 Lipyeow Lim -- University of Hawaii at Manoa
8
Data Packetbull How messages are packaged for
delivery on the network ndash like postal mail
bull Source and destination addresses
11262013 Lipyeow Lim -- University of Hawaii at Manoa
9
Network Abstractionsbull Network communications
are conceived as layers of abstractions
bull Each layer plays a specific role and is relatively independent of other layers
bull Each layer has its own packet format
bull Packets from higher layers are embedded in packets of lower layers ndash ldquoencapsulationrdquo
11262013 Lipyeow Lim -- University of Hawaii at Manoa
Network
Application
Transport
Internet
Link
Application
Transport
Internet
Link
Application
Transport
Internet
Link
Physical Network
10
TCPIP Four Layer Model
11262013 Lipyeow Lim -- University of Hawaii at Manoa
Application
Transport
Internet
Link
bull Process to process communicates data to other processesapplications on the same host or on other hosts
bull Eg SMTP FTP SSH HTTP
bull Host to host communicates data to other host on the same network on on other networks
bull Hides the topology of the networkbull Flow control error correction connection controlbull Eg TCP UDP
bull Inter-network communicates data to other networksbull Deals with addressing and routing of datagrams to next
networkbull Eg IPv4 IPv6
bull Transmit data to other network interfaces on the local networkbull Eg Ethernet WiFi 80211
11
Link Layer
Data packet arrives from upper layer (Internet layer)bull If packet is too big break packet into smaller fragments (`framesrsquo)bull Embed data packet in a link layer packet with link layer header sequence
number error correction code etcbull Link layer packets gets transmitted on physical linkbull Link layer protocol governs how transmission over physical link is done Eg
Carrier sense multiple accessBottom-up process is similar on the receiving host
11262013 Lipyeow Lim -- University of Hawaii at Manoa
Application
Transport
Internet
Link
Application
Transport
Internet
Link
Physical Network
bull Eg Ethernet WiFi 80211bull A host can have multiple network interface
cards (eg Laptops typically have an ethernet interface and a WiFi interface)
bull Each interface has a 48-bit physical address that is hardwired to the hardware
12
Internet Layer
Data packet arrives from Transport layerbull Embed data packet in an IPv4 packet with IP header etcbull Pass packet to Link layer
Data packet arrives from Link layerbull Check IP header if packet destination is for this host If yes strip header and
pass to Transport layerbull Otherwise forward packet (routing)11262013 Lipyeow Lim -- University of Hawaii at Manoa
Application
Transport
Internet
Link
Application
Transport
Internet
Link
Physical Network
bull Eg IPv4bull Connects multiple networks togetherbull Each network interface of a host is
associated with an 32-bit IPv4 addressbull IP address is not hardwired but assigned in
the software
13
IPv4 Addresses amp Domain Name Service
bull IP addresses are 32 bit numbers often written in 4 octets 1281711013
bull Each address is also split into two partsndash Prefix is the network addressndash Suffix is the host address within that network
bull Domain Name Servers provide a service that translates more meaningful names to IP addressesndash Uhunixhawaiiedu = 12817124197ndash www2hawaiiedu = 128171224150
11262013 Lipyeow Lim -- University of Hawaii at Manoa
128 171 10 13
Network Address Host Address
0 3116
14
IPv4 amp Inter-network Routing
For routersbull Examine destination IP addressbull Look up routing tables to determine outgoing networkbull Pass packet to link layer of that outgoing networkbull Best effort delivery ndash no guarantees
11262013 Lipyeow Lim -- University of Hawaii at Manoa
Application
Transport
Internet
LinkInternet
Link
Ethernet Network
Internet
Link
Application
Transport
Internet
Link
Ethernet NetworkFibre Network
host host
RouterRouter
15
Transport Layer
TCP provides a reliable communication channel between two host applications by addressing several issues
bull Data packets arriving out of orderbull Data packets are corruptedbull Same packets arriving more than oncebull Some packets are lostdiscardedbull Traffic congestion control
11262013 Lipyeow Lim -- University of Hawaii at Manoa
Application
Transport
Internet
Link
Application
Transport
Internet
Link
Physical Network
bull Eg TCP (connection-oriented) UDPbull End-to-end message transfer between
hosts applicationsbull Each application on a host is associated
with a port numberbull IP address + port number will identify an
application end-point
16
Applications Email
bull Your email client program downloads incoming emails from mail server (imapgmailcom popgmailcom)
bull Outgoing emails are sent to mail server (smtpgmailcom)bull Mail servers handle the routing of emails using SMTP protocol which
operates on port 25 or 587ndash Lookup IP address of destination hostname in the email address using DNSndash Relaying email as packets to that IP address
11262013 Lipyeow Lim -- University of Hawaii at Manoa
POPIMAPSMTP
Transport TCP
Internet IPv4
Link
POPIMAPSMTP
Transport TCP
Internet IPv4
Link
Network
Mail Server Mail Server
Network Internet
POPIMAPSMTP
Transport TCP
Internet IPv4
Link
POPIMAPSMTP
Transport TCP
Internet IPv4
Link
Mail Client Mail Client
17
Sample Email Header
Delivered-To: strevguhrelayhawaiiedu
Received: by 10581456 with SMTP id sq6csp687725veb;
    Mon, 3 Sep 2012 20:39:01 -0700 (PDT)
Received: by 106812938 with SMTP id nt6mr43102232pbb761346729940698;
    Mon, 03 Sep 2012 20:39:00 -0700 (PDT)
Return-Path: <postmaster@laulima.hawaii.edu>
Received: from mta11.its.hawaii.edu (mta11.its.hawaii.edu [128.171.224.147])
    by mx.google.com with ESMTPS id px6si25354378pbc21420120903203853
    (version=TLSv1/SSLv3 cipher=RC4-MD5);
    Mon, 03 Sep 2012 20:39:00 -0700 (PDT)
Received-SPF: pass (google.com: domain of postmaster@laulima.hawaii.edu
    designates 128.171.224.58 as permitted sender) client-ip=128.171.224.58
Authentication-Results: mx.google.com; spf=pass (google.com: domain of
    postmaster@laulima.hawaii.edu designates 128.171.224.58 as permitted sender)
    smtp.mail=postmaster@laulima.hawaii.edu
MIME-version: 1.0
Content-type: multipart/mixed; boundary=Boundary_(ID_3RY8N2VbJHb4tH5siR1eww)
Received: from pmx11.its.hawaii.edu (pmx11.its.hawaii.edu [128.171.224.58])
    by mta11.its.hawaii.edu (Sun Java(tm) System Messaging Server 63-1101
    (built Feb 12 2010 32bit)) with ESMTP id <0M9T0071I3GJ4F40@mta11.its.hawaii.edu>;
    Mon, 03 Sep 2012 17:38:45 -1000 (HST)
Received: from kuhi.its.hawaii.edu (kuhi.its.hawaii.edu [12817125223])
    by pmx11.its.hawaii.edu (Postfix) with ESMTP id E587118C023;
    Mon, 03 Sep 2012 17:38:42 -1000 (HST)
Received: from sak24.its.hawaii.edu (sak24.its.hawaii.edu [128.171.225.199])
    by kuhi.its.hawaii.edu (812108126) with ESMTP id q843ccvH023430;
    Mon, 03 Sep 2012 17:38:38 -1000 (HST)
Date: Mon, 03 Sep 2012 17:38:33 -1000 (HST)
From: Dennis Streveler <strev@hawaii.edu>
Cc: strev@hawaii.edu <strev@hawaii.edu>
Message-id: <11298755423101346729913602.JavaMail.sakai@sak24.its.hawaii.edu>
Subject: ICS 101 Help Tuesday lecture -- Everything you THOUGHT you knew about NETWORKS and then some
X-Mailer: sakai-mailsender
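Each relay prepends its own Received line, so reading those lines bottom-up gives the path the message took. The following is an added example (not part of the original slides) that traces that path and reports which hops were handed over without TLS or with a legacy cipher. The header block is rebuilt from the slide's sample; the kuhi address and the two `PLACEHOLDER-ID` values are placeholders, and the Google-internal "Received: by" hops are left out.

```python
import re
from email import message_from_string
from email.utils import parsedate_to_datetime

# Constructed sample: Received chain modelled on the slide's header.
SAMPLE_HEADERS = """\
Received: from mta11.its.hawaii.edu (mta11.its.hawaii.edu [128.171.224.147])
    by mx.google.com with ESMTPS id PLACEHOLDER-ID-1
    (version=TLSv1/SSLv3 cipher=RC4-MD5);
    Mon, 03 Sep 2012 20:39:00 -0700 (PDT)
Received: from pmx11.its.hawaii.edu (pmx11.its.hawaii.edu [128.171.224.58])
    by mta11.its.hawaii.edu with ESMTP id PLACEHOLDER-ID-2;
    Mon, 03 Sep 2012 17:38:45 -1000 (HST)
Received: from kuhi.its.hawaii.edu (kuhi.its.hawaii.edu [192.0.2.23])
    by pmx11.its.hawaii.edu (Postfix) with ESMTP id E587118C023;
    Mon, 03 Sep 2012 17:38:42 -1000 (HST)
Received: from sak24.its.hawaii.edu (sak24.its.hawaii.edu [128.171.225.199])
    by kuhi.its.hawaii.edu with ESMTP id q843ccvH023430;
    Mon, 03 Sep 2012 17:38:38 -1000 (HST)
From: Dennis Streveler <strev@hawaii.edu>
"""

# "with" keywords that record a TLS-protected SMTP/LMTP session (RFC 3848).
TLS_PROTOCOLS = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA"}


def parse_received(value):
    """Turn one Received header value into a dict describing that hop."""
    flat = " ".join(value.split())            # undo header folding
    trace, sep, stamp = flat.rpartition(";")  # the timestamp follows the last ';'
    if not sep:                               # no timestamp present at all
        trace, stamp = flat, ""

    def grab(pattern):
        match = re.search(pattern, trace)
        return match.group(1) if match else None

    proto = (grab(r"\bwith\s+(\S+)") or "").upper()
    stamp = re.sub(r"\([^)]*\)", "", stamp).strip()   # drop "(PDT)"-style comments
    try:
        when = parsedate_to_datetime(stamp) if stamp else None
    except (TypeError, ValueError):
        when = None
    return {
        "from": grab(r"\bfrom\s+(\S+)"),
        "by": grab(r"\bby\s+(\S+)"),
        "proto": proto,
        "tls": proto in TLS_PROTOCOLS,
        "cipher": grab(r"\bcipher=([\w-]+)"),
        "time": when,
    }


def trace_route(raw_headers):
    """Return the hops in the order the message travelled (oldest first)."""
    msg = message_from_string(raw_headers)
    return [parse_received(v) for v in reversed(msg.get_all("Received") or [])]


def plaintext_hops(hops):
    """Hops where the header records no TLS on the connection."""
    return [(h["from"], h["by"]) for h in hops if not h["tls"]]


def weak_cipher_hops(hops):
    """TLS hops negotiated with RC4 or MD5, both long deprecated."""
    return [h["by"] for h in hops
            if h["cipher"] and re.search(r"RC4|MD5", h["cipher"])]


if __name__ == "__main__":
    route = trace_route(SAMPLE_HEADERS)
    for hop in route:
        print(f'{hop["from"]} -> {hop["by"]}  {hop["proto"]}  tls={hop["tls"]}')
    print("plaintext hops:", plaintext_hops(route))
    print("weak cipher at:", weak_cipher_hops(route))
```

Received lines written by relays outside your control can be forged, so treat only the hops added by your own mail servers as trustworthy evidence.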
18
Applications: HTTP
[Diagram: HTTP client and HTTP server, each with an HTTP / TCP / IPv4 / Link stack, connected through the Internet]
• Hyper-Text Transfer Protocol (port 80)
• Request-response protocol
• When http://www2.hawaii.edu/~lipyeow/index.html is entered into a web browser (HTTP client)

Request:
GET /~lipyeow/index.html HTTP/1.1
host: www2.hawaii.edu

Response:
HTTP/1.1 200 OK
Date: Sun, 02 Sep 2012 00:35:40 GMT
Server: Apache
Last-Modified: Tue, 21 Aug 2012 01:27:18 GMT
ETag: "7d3e8-2950-4c7bc86e86980"
Accept-Ranges: bytes
Content-Length: 10576
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML>
19
Internet Security
• All data transmitted on the network using the protocols described thus far is in plaintext
• Anyone with access to the physical network link can snoop on the bit sequences and decode them according to the protocol stack
• Anyone can read your emails if he/she has access to a link on which your email packets are transmitted
• Use encrypted connections, e.g. SSL/TLS
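To see why plaintext protocols expose their content, the added example below (not part of the original slides) encapsulates the slide's GET request in TCP, IPv4 and Ethernet headers and then peels the layers off again, which is all a protocol analyzer does. The MAC addresses, the client address 192.0.2.10 and the bytes standing in for a TLS record are constructed placeholders, and checksums are left at zero.

```python
import socket
import struct

# Constructed inputs: the GET request is the one shown on the HTTP slide;
# TLS_RECORD is a made-up record header plus filler bytes, not real ciphertext.
HTTP_REQUEST = b"GET /~lipyeow/index.html HTTP/1.1\r\nhost: www2.hawaii.edu\r\n\r\n"
TLS_RECORD = bytes([0x17, 0x03, 0x03, 0x00, 0x10]) + bytes(range(0xA0, 0xB0))

ETH_FMT = "!6s6sH"          # destination MAC, source MAC, EtherType
IP_FMT = "!BBHHHBBH4s4s"    # fixed 20-byte IPv4 header
TCP_FMT = "!HHIIBBHHH"      # fixed 20-byte TCP header


def build_frame(payload, dst_port=80):
    """Encapsulate: payload -> TCP segment -> IPv4 packet -> Ethernet frame."""
    tcp = struct.pack(TCP_FMT, 49152, dst_port, 1, 1, 5 << 4, 0x18, 65535, 0, 0)
    tcp += payload
    ip = struct.pack(IP_FMT, 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     socket.inet_aton("192.0.2.10"),
                     socket.inet_aton("128.171.224.150")) + tcp
    eth = struct.pack(ETH_FMT, bytes.fromhex("020000000002"),
                      bytes.fromhex("020000000001"), 0x0800)
    return eth + ip


def describe_payload(data):
    """Classify what an observer on the link can learn from the payload."""
    if len(data) >= 5 and 20 <= data[0] <= 23 and data[1] == 3:
        return ("tls-record", None)          # record header visible, content is not
    try:
        text = data.decode("ascii")
    except UnicodeDecodeError:
        return ("binary", None)
    return ("plaintext", text.split("\r\n", 1)[0])


def decode_frame(frame):
    """Strip the link, internet and transport headers in turn."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src, ethertype = struct.unpack(ETH_FMT, frame[:14])
    layers = {"link": {"src": src.hex(":"), "dst": dst.hex(":"),
                       "ethertype": ethertype}}
    if ethertype != 0x0800:                  # not IPv4
        return layers

    packet = frame[14:]
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _, total_len, _, _, ttl, proto, _, s, d = struct.unpack(
        IP_FMT, packet[:20])
    header_len = (ver_ihl & 0x0F) * 4
    layers["internet"] = {"src": socket.inet_ntoa(s), "dst": socket.inet_ntoa(d),
                          "ttl": ttl, "protocol": proto}
    if proto != 6:                           # not TCP
        return layers

    segment = packet[header_len:total_len]
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, _, _, offset, _, _, _, _ = struct.unpack(TCP_FMT, segment[:20])
    layers["transport"] = {"src_port": sport, "dst_port": dport}
    layers["application"] = describe_payload(segment[(offset >> 4) * 4:])
    return layers


if __name__ == "__main__":
    for name, payload, port in (("http", HTTP_REQUEST, 80),
                                ("https", TLS_RECORD, 443)):
        print(name, decode_frame(build_frame(payload, port)))
```

Addresses and port numbers stay readable in both frames; encrypting the connection hides only the application payload.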
20
Secure HTTP -- HTTPS
• Use HTTP over an SSL/TLS layer (port 443)
• Negotiate a stateful encrypted connection to carry the HTTP messages
• Use a trusted 3rd party (CA) to verify identity
• Use public key handshake to establish a session key
• Encrypt subsequent messages using session key
[Diagram: HTTPS client and HTTPS server, each with an HTTP / SSL/TLS / TCP / IPv4 / Link stack, and a Certificate Authority; arrows labelled "certificate", "verify certificate", "session key" and "HTTP messages"]
21
Worksheet Questions
1. Packets are the unit of transfer between two communicating nodes. Name two fields in a packet format.
2. Recall the TCP/IP 4-layer model. Name one possible protocol/technology at the link layer.
- ICS 101 Fall 2013 Networking and the Internet
- Problem
- LOTR Beacon of Gondor
- Modern Computer Networks
- Quiz 1
- Quiz 2
- Local Area Networks
- Data Packet
- Network Abstractions
- TCP/IP Four Layer Model
- Link Layer
- Internet Layer
- IPv4 Addresses & Domain Name Service
- IPv4 & Inter-network Routing
- Transport Layer
- Applications: Email
- Sample Email Header
- Applications: HTTP
- Internet Security
- Secure HTTP -- HTTPS
- Worksheet Questions
7
Local Area Networks
• Wired (UTP Cat5) or wireless (802.11)
• Connects hosts within a limited spatial region together to form a network
• All hosts within the network can “talk” to each other
• The network is often a shared medium: only one host can talk at one time and the rest listen
8
Data Packet
• How messages are packaged for delivery on the network – like postal mail
• Source and destination addresses
9
Network Abstractions
• Network communications are conceived as layers of abstractions
• Each layer plays a specific role and is relatively independent of other layers
• Each layer has its own packet format
• Packets from higher layers are embedded in packets of lower layers – “encapsulation”
[Diagram: three hosts, each with an Application / Transport / Internet / Link stack, attached to the physical network]
10
TCP/IP Four Layer Model
Application
• Process to process: communicates data to other processes/applications on the same host or on other hosts
• E.g. SMTP, FTP, SSH, HTTP
Transport
• Host to host: communicates data to other hosts on the same network or on other networks
• Hides the topology of the network
• Flow control, error correction, connection control
• E.g. TCP, UDP
Internet
• Inter-network: communicates data to other networks
• Deals with addressing and routing of datagrams to the next network
• E.g. IPv4, IPv6
Link
• Transmits data to other network interfaces on the local network
• E.g. Ethernet, WiFi 802.11
11
Link Layer
Data packet arrives from upper layer (Internet layer)
• If the packet is too big, break it into smaller fragments (‘frames’)
• Embed data packet in a link layer packet with link layer header, sequence number, error correction code, etc.
• Link layer packets get transmitted on the physical link
• Link layer protocol governs how transmission over the physical link is done, e.g. Carrier sense multiple access
Bottom-up process is similar on the receiving host
[Diagram: two hosts, each with an Application / Transport / Internet / Link stack, connected by the physical network]
• E.g. Ethernet, WiFi 802.11
• A host can have multiple network interface cards (e.g. laptops typically have an Ethernet interface and a WiFi interface)
• Each interface has a 48-bit physical address that is hardwired to the hardware
12
Internet Layer
Data packet arrives from Transport layer
• Embed data packet in an IPv4 packet with IP header, etc.
• Pass packet to Link layer
Data packet arrives from Link layer
• Check the IP header to see if the packet destination is this host. If yes, strip header and pass to Transport layer
• Otherwise forward packet (routing)
[Diagram: two hosts, each with an Application / Transport / Internet / Link stack, connected by the physical network]
• E.g. IPv4
• Connects multiple networks together
• Each network interface of a host is associated with a 32-bit IPv4 address
• IP address is not hardwired but assigned in the software
13
IPv4 Addresses & Domain Name Service
• IP addresses are 32-bit numbers, often written in 4 octets: 128.171.10.13
• Each address is also split into two parts
  – Prefix is the network address
  – Suffix is the host address within that network
• Domain Name Servers provide a service that translates more meaningful names to IP addresses
  – Uhunix.hawaii.edu = 128.171.24.197
  – www2.hawaii.edu = 128.171.224.150
[Diagram: the address 128.171.10.13 laid out over bits 0 to 31; bits 0 to 15 (128.171) are the network address and bits 16 to 31 (10.13) are the host address]
14
IPv4 & Inter-network Routing
For routers
• Examine destination IP address
• Look up routing tables to determine outgoing network
• Pass packet to link layer of that outgoing network
• Best effort delivery – no guarantees
[Diagram: host (Application / Transport / Internet / Link), Ethernet network, router (Internet / Link), fibre network, router (Internet / Link), Ethernet network, host (Application / Transport / Internet / Link)]
15
Transport Layer
TCP provides a reliable communication channel between two host applications by addressing several issues
• Data packets arriving out of order
• Data packets are corrupted
• Same packets arriving more than once
• Some packets are lost/discarded
• Traffic congestion control
11262013 Lipyeow Lim -- University of Hawaii at Manoa
Application
Transport
Internet
Link
Application
Transport
Internet
Link
Physical Network
bull Eg TCP (connection-oriented) UDPbull End-to-end message transfer between
hosts applicationsbull Each application on a host is associated
with a port numberbull IP address + port number will identify an
application end-point
16
Applications Email
bull Your email client program downloads incoming emails from mail server (imapgmailcom popgmailcom)
bull Outgoing emails are sent to mail server (smtpgmailcom)bull Mail servers handle the routing of emails using SMTP protocol which
operates on port 25 or 587ndash Lookup IP address of destination hostname in the email address using DNSndash Relaying email as packets to that IP address
11262013 Lipyeow Lim -- University of Hawaii at Manoa
POPIMAPSMTP
Transport TCP
Internet IPv4
Link
POPIMAPSMTP
Transport TCP
Internet IPv4
Link
Network
Mail Server Mail Server
Network Internet
POPIMAPSMTP
Transport TCP
Internet IPv4
Link
POPIMAPSMTP
Transport TCP
Internet IPv4
Link
Mail Client Mail Client
17
Sample Email HeaderDelivered-To strevguhrelayhawaiieduReceived by 10581456 with SMTP id sq6csp687725veb
Mon 3 Sep 2012203901 -0700 (PDT)Received by 106812938 with SMTP id
nt6mr43102232pbb761346729940698 Mon03 Sep 2012 203900 -0700 (PDT)Return-Path ltpostmasterlaulimahawaiiedugtReceived from mta11itshawaiiedu (mta11itshawaiiedu
[128171224147])by mxgooglecom with ESMTPS id
px6si25354378pbc21420120903203853(version=TLSv1SSLv3 cipher=RC4-MD5) Mon 03 Sep 2012
203900 -0700 (PDT)Received-SPF pass (googlecom domain of
postmasterlaulimahawaiiedudesignates 12817122458 as permitted sender) client-ip=
12817122458Authentication-Results mxgooglecom spf=pass (googlecom
domain ofpostmasterlaulimahawaiiedu designates 12817122458
as permitted sender)smtpmail=postmasterlaulimahawaiieduMIME-version 10Content-type multipartmixed
boundary=Boundary_(ID_3RY8N2VbJHb4tH5siR1eww)
Received from pmx11itshawaiiedu (pmx11itshawaiiedu [12817122458]) by
mta11itshawaiiedu (Sun Java(tm) System Messaging Server 63-1101 (built
Feb 12 2010 32bit)) with ESMTP id lt0M9T0071I3GJ4F40mta11itshawaiiedugt
Mon 03 Sep 2012 173845 -1000 (HST)Received from kuhiitshawaiiedu (kuhiitshawaiiedu
[12817125223]) bypmx11itshawaiiedu (Postfix) with ESMTP id E587118C023
Mon 03 Sep 2012173842 -1000 (HST)Received from sak24itshawaiiedu (sak24itshawaiiedu
[128171225199])by kuhiitshawaiiedu (812108126) with ESMTP id
q843ccvH023430 Mon 03Sep 2012 173838 -1000 (HST)Date Mon 03 Sep 2012 173833 -1000 (HST)From Dennis Streveler ltstrevhawaiiedugtCc strevhawaiiedu ltstrevhawaiiedugtMessage-id lt
11298755423101346729913602JavaMailsakaisak24itshawaiiedugt
Subject ICS 101 Help Tuesday lecture -- Everything you THOUGHT you knew
about NETWORKS and then someX-Mailer sakai-mailsender
11262013 Lipyeow Lim -- University of Hawaii at Manoa
18
Applications HTTP
11262013 Lipyeow Lim -- University of Hawaii at Manoa
HTTP
Transport TCP
Internet IPv4
Link
HTTP Server
Internet
HTTP
Transport TCP
Internet IPv4
Link
HTTP Clientbull Hyper-Text Transfer Protocol
(port 80)bull Request-response protocolbull When
httpwww2hawaiiedu~lipyeowindexhtml is entered into a web browser (http client)
HTTP11 200 OKDate Sun 02 Sep 2012 003540 GMTServer ApacheLast-Modified Tue 21 Aug 2012 012718 GMTETag 7d3e8-2950-4c7bc86e86980Accept-Ranges bytesContent-Length 10576Content-Type texthtmlltDOCTYPE HTML PUBLIC -W3CDTD HTML 40 TransitionalENgt ltHTMLgt
GET ~lipyeowindexhtml HTTP11host www2hawaiiedu
19
Internet Securitybull All data transmitted on the network using the
protocols described thus far are in plaintext
11262013 Lipyeow Lim -- University of Hawaii at Manoa
bull Anyone with access to the physical network link can snoop on the bit sequences and decode according to the protocol stack
bull Anyone can read your emails if heshe has access to a link on which your email packets are transmitted
bull Use encrypted connections eg SSLTLS
20
Secure HTTP -- HTTPS
bull Use HTTP over a SSLTLS layer (port 443)bull Negotiate a stateful encrypted connection to carry the
HTTP messagesbull Use a trusted 3rd party (CA) to verify identitybull Use public key handshake to establish a session keybull Encrypt subsequent messages using session key 11262013 Lipyeow Lim -- University of Hawaii at Manoa
HTTPSSLTLSTransport TCP
Internet IPv4
Link
HTTPS Server
HTTPSSLTLS
Transport TCP
Internet IPv4
Link
HTTPS Client
Certificate Authority
certificatecertificate
session key
verify certificate verify certificate
HTTP messages
21
Worksheet Questions
1 Packets are the unit of transfer between two communicating nodes Name two fields in a packet format
2 Recall the TCPIP 4-layer model Name one possible protocoltechnology at the link layer
11262013 Lipyeow Lim -- University of Hawaii at Manoa
- ICS 101 Fall 2013 Networking and the Internet
- Problem
- LOTR Beacon of Gondor
- Modern Computer Networks
- Quiz 1
- Quiz 2
- Local Area Networks
- Data Packet
- Network Abstractions
- TCPIP Four Layer Model
- Link Layer
- Internet Layer
- IPv4 Addresses amp Domain Name Service
- IPv4 amp Inter-network Routing
- Transport Layer
- Applications Email
- Sample Email Header
- Applications HTTP
- Internet Security
- Secure HTTP -- HTTPS
- Worksheet Questions
-
5
Quiz 1
bull What is the bandwidth between two communicating nodes A amp Ba) How long it takes for 1 bit to travel from A to Bb) How much data can travel from A to B in one
unit timec) How far apart A and B ared) How long it takes a beam of light to travel from A
to B
11262013 Lipyeow Lim -- University of Hawaii at Manoa
6
Quiz 2
bull What is the latency between two communicating nodes A amp B
a) How long it takes for 1 bit to travel from A to Bb) How much data can travel from A to B in one
unit timec) How far apart A and B ared) How long it takes a beam of light to travel from A
to B
11262013 Lipyeow Lim -- University of Hawaii at Manoa
7
Local Area Networks
bull Wired (UTP Cat5) or Wireless 80211bull Connects hosts within a limited spatial region together to form
a networkbull All hosts within the network can ldquotalkrdquo to each otherbull The network is often a shared medium only one host can talk
at one time and the rest listens11262013 Lipyeow Lim -- University of Hawaii at Manoa
8
Data Packetbull How messages are packaged for
delivery on the network ndash like postal mail
bull Source and destination addresses
11262013 Lipyeow Lim -- University of Hawaii at Manoa
9
Network Abstractionsbull Network communications
are conceived as layers of abstractions
bull Each layer plays a specific role and is relatively independent of other layers
bull Each layer has its own packet format
bull Packets from higher layers are embedded in packets of lower layers ndash ldquoencapsulationrdquo
11262013 Lipyeow Lim -- University of Hawaii at Manoa
Network
Application
Transport
Internet
Link
Application
Transport
Internet
Link
Application
Transport
Internet
Link
Physical Network
10
TCPIP Four Layer Model
11262013 Lipyeow Lim -- University of Hawaii at Manoa
Application
Transport
Internet
Link
bull Process to process communicates data to other processesapplications on the same host or on other hosts
bull Eg SMTP FTP SSH HTTP
bull Host to host communicates data to other host on the same network on on other networks
bull Hides the topology of the networkbull Flow control error correction connection controlbull Eg TCP UDP
bull Inter-network communicates data to other networksbull Deals with addressing and routing of datagrams to next
networkbull Eg IPv4 IPv6
bull Transmit data to other network interfaces on the local networkbull Eg Ethernet WiFi 80211
11
Link Layer
Data packet arrives from upper layer (Internet layer)bull If packet is too big break packet into smaller fragments (`framesrsquo)bull Embed data packet in a link layer packet with link layer header sequence
number error correction code etcbull Link layer packets gets transmitted on physical linkbull Link layer protocol governs how transmission over physical link is done Eg
Carrier sense multiple accessBottom-up process is similar on the receiving host
11262013 Lipyeow Lim -- University of Hawaii at Manoa
Application
Transport
Internet
Link
Application
Transport
Internet
Link
Physical Network
bull Eg Ethernet WiFi 80211bull A host can have multiple network interface
cards (eg Laptops typically have an ethernet interface and a WiFi interface)
bull Each interface has a 48-bit physical address that is hardwired to the hardware
12
Internet Layer
Data packet arrives from Transport layerbull Embed data packet in an IPv4 packet with IP header etcbull Pass packet to Link layer
Data packet arrives from Link layerbull Check IP header if packet destination is for this host If yes strip header and
pass to Transport layerbull Otherwise forward packet (routing)11262013 Lipyeow Lim -- University of Hawaii at Manoa
Application
Transport
Internet
Link
Application
Transport
Internet
Link
Physical Network
bull Eg IPv4bull Connects multiple networks togetherbull Each network interface of a host is
associated with an 32-bit IPv4 addressbull IP address is not hardwired but assigned in
the software
13
IPv4 Addresses amp Domain Name Service
bull IP addresses are 32 bit numbers often written in 4 octets 1281711013
bull Each address is also split into two partsndash Prefix is the network addressndash Suffix is the host address within that network
bull Domain Name Servers provide a service that translates more meaningful names to IP addressesndash Uhunixhawaiiedu = 12817124197ndash www2hawaiiedu = 128171224150
11262013 Lipyeow Lim -- University of Hawaii at Manoa
128 171 10 13
Network Address Host Address
0 3116
14
IPv4 amp Inter-network Routing
For routersbull Examine destination IP addressbull Look up routing tables to determine outgoing networkbull Pass packet to link layer of that outgoing networkbull Best effort delivery ndash no guarantees
11262013 Lipyeow Lim -- University of Hawaii at Manoa
Application
Transport
Internet
LinkInternet
Link
Ethernet Network
Internet
Link
Application
Transport
Internet
Link
Ethernet NetworkFibre Network
host host
RouterRouter
15
Transport Layer
TCP provides a reliable communication channel between two host applications by addressing several issues
bull Data packets arriving out of orderbull Data packets are corruptedbull Same packets arriving more than oncebull Some packets are lostdiscardedbull Traffic congestion control
11262013 Lipyeow Lim -- University of Hawaii at Manoa
Application
Transport
Internet
Link
Application
Transport
Internet
Link
Physical Network
bull Eg TCP (connection-oriented) UDPbull End-to-end message transfer between
hosts applicationsbull Each application on a host is associated
with a port numberbull IP address + port number will identify an
application end-point
16
Applications Email
bull Your email client program downloads incoming emails from mail server (imapgmailcom popgmailcom)
bull Outgoing emails are sent to mail server (smtpgmailcom)bull Mail servers handle the routing of emails using SMTP protocol which
operates on port 25 or 587ndash Lookup IP address of destination hostname in the email address using DNSndash Relaying email as packets to that IP address
11262013 Lipyeow Lim -- University of Hawaii at Manoa
POPIMAPSMTP
Transport TCP
Internet IPv4
Link
POPIMAPSMTP
Transport TCP
Internet IPv4
Link
Network
Mail Server Mail Server
Network Internet
POPIMAPSMTP
Transport TCP
Internet IPv4
Link
POPIMAPSMTP
Transport TCP
Internet IPv4
Link
Mail Client Mail Client
17
Sample Email HeaderDelivered-To strevguhrelayhawaiieduReceived by 10581456 with SMTP id sq6csp687725veb
Mon 3 Sep 2012203901 -0700 (PDT)Received by 106812938 with SMTP id
nt6mr43102232pbb761346729940698 Mon03 Sep 2012 203900 -0700 (PDT)Return-Path ltpostmasterlaulimahawaiiedugtReceived from mta11itshawaiiedu (mta11itshawaiiedu
[128171224147])by mxgooglecom with ESMTPS id
px6si25354378pbc21420120903203853(version=TLSv1SSLv3 cipher=RC4-MD5) Mon 03 Sep 2012
203900 -0700 (PDT)Received-SPF pass (googlecom domain of
postmasterlaulimahawaiiedudesignates 12817122458 as permitted sender) client-ip=
12817122458Authentication-Results mxgooglecom spf=pass (googlecom
domain ofpostmasterlaulimahawaiiedu designates 12817122458
as permitted sender)smtpmail=postmasterlaulimahawaiieduMIME-version 10Content-type multipartmixed
boundary=Boundary_(ID_3RY8N2VbJHb4tH5siR1eww)
Received from pmx11itshawaiiedu (pmx11itshawaiiedu [12817122458]) by
mta11itshawaiiedu (Sun Java(tm) System Messaging Server 63-1101 (built
Feb 12 2010 32bit)) with ESMTP id lt0M9T0071I3GJ4F40mta11itshawaiiedugt
Mon 03 Sep 2012 173845 -1000 (HST)Received from kuhiitshawaiiedu (kuhiitshawaiiedu
[12817125223]) bypmx11itshawaiiedu (Postfix) with ESMTP id E587118C023
Mon 03 Sep 2012173842 -1000 (HST)Received from sak24itshawaiiedu (sak24itshawaiiedu
[128171225199])by kuhiitshawaiiedu (812108126) with ESMTP id
q843ccvH023430 Mon 03Sep 2012 173838 -1000 (HST)Date Mon 03 Sep 2012 173833 -1000 (HST)From Dennis Streveler ltstrevhawaiiedugtCc strevhawaiiedu ltstrevhawaiiedugtMessage-id lt
11298755423101346729913602JavaMailsakaisak24itshawaiiedugt
Subject ICS 101 Help Tuesday lecture -- Everything you THOUGHT you knew
about NETWORKS and then someX-Mailer sakai-mailsender
11262013 Lipyeow Lim -- University of Hawaii at Manoa
18
Applications HTTP
11262013 Lipyeow Lim -- University of Hawaii at Manoa
HTTP
Transport TCP
Internet IPv4
Link
HTTP Server
Internet
HTTP
Transport TCP
Internet IPv4
Link
HTTP Clientbull Hyper-Text Transfer Protocol
(port 80)bull Request-response protocolbull When
httpwww2hawaiiedu~lipyeowindexhtml is entered into a web browser (http client)
HTTP11 200 OKDate Sun 02 Sep 2012 003540 GMTServer ApacheLast-Modified Tue 21 Aug 2012 012718 GMTETag 7d3e8-2950-4c7bc86e86980Accept-Ranges bytesContent-Length 10576Content-Type texthtmlltDOCTYPE HTML PUBLIC -W3CDTD HTML 40 TransitionalENgt ltHTMLgt
GET ~lipyeowindexhtml HTTP11host www2hawaiiedu
19
Internet Securitybull All data transmitted on the network using the
protocols described thus far are in plaintext
11262013 Lipyeow Lim -- University of Hawaii at Manoa
bull Anyone with access to the physical network link can snoop on the bit sequences and decode according to the protocol stack
bull Anyone can read your emails if heshe has access to a link on which your email packets are transmitted
bull Use encrypted connections eg SSLTLS
20
Secure HTTP -- HTTPS
bull Use HTTP over a SSLTLS layer (port 443)bull Negotiate a stateful encrypted connection to carry the
HTTP messagesbull Use a trusted 3rd party (CA) to verify identitybull Use public key handshake to establish a session keybull Encrypt subsequent messages using session key 11262013 Lipyeow Lim -- University of Hawaii at Manoa
HTTPSSLTLSTransport TCP
Internet IPv4
Link
HTTPS Server
HTTPSSLTLS
Transport TCP
Internet IPv4
Link
HTTPS Client
Certificate Authority
certificatecertificate
session key
verify certificate verify certificate
HTTP messages
21
Worksheet Questions
1 Packets are the unit of transfer between two communicating nodes Name two fields in a packet format
2 Recall the TCPIP 4-layer model Name one possible protocoltechnology at the link layer
11262013 Lipyeow Lim -- University of Hawaii at Manoa
- ICS 101 Fall 2013 Networking and the Internet
- Problem
- LOTR Beacon of Gondor
- Modern Computer Networks
- Quiz 1
- Quiz 2
- Local Area Networks
- Data Packet
- Network Abstractions
- TCPIP Four Layer Model
- Link Layer
- Internet Layer
- IPv4 Addresses amp Domain Name Service
- IPv4 amp Inter-network Routing
- Transport Layer
- Applications Email
- Sample Email Header
- Applications HTTP
- Internet Security
- Secure HTTP -- HTTPS
- Worksheet Questions
-
6
Quiz 2
bull What is the latency between two communicating nodes A amp B
a) How long it takes for 1 bit to travel from A to Bb) How much data can travel from A to B in one
unit timec) How far apart A and B ared) How long it takes a beam of light to travel from A
to B
11262013 Lipyeow Lim -- University of Hawaii at Manoa
7
Local Area Networks
bull Wired (UTP Cat5) or Wireless 80211bull Connects hosts within a limited spatial region together to form
a networkbull All hosts within the network can ldquotalkrdquo to each otherbull The network is often a shared medium only one host can talk
at one time and the rest listens11262013 Lipyeow Lim -- University of Hawaii at Manoa
8
Data Packetbull How messages are packaged for
delivery on the network ndash like postal mail
bull Source and destination addresses
11262013 Lipyeow Lim -- University of Hawaii at Manoa
9
Network Abstractionsbull Network communications
are conceived as layers of abstractions
bull Each layer plays a specific role and is relatively independent of other layers
bull Each layer has its own packet format
bull Packets from higher layers are embedded in packets of lower layers ndash ldquoencapsulationrdquo
11262013 Lipyeow Lim -- University of Hawaii at Manoa
Network
Application
Transport
Internet
Link
Application
Transport
Internet
Link
Application
Transport
Internet
Link
Physical Network
10
TCPIP Four Layer Model
11262013 Lipyeow Lim -- University of Hawaii at Manoa
Application
Transport
Internet
Link
bull Process to process communicates data to other processesapplications on the same host or on other hosts
bull Eg SMTP FTP SSH HTTP
bull Host to host communicates data to other host on the same network on on other networks
bull Hides the topology of the networkbull Flow control error correction connection controlbull Eg TCP UDP
bull Inter-network communicates data to other networksbull Deals with addressing and routing of datagrams to next
networkbull Eg IPv4 IPv6
bull Transmit data to other network interfaces on the local networkbull Eg Ethernet WiFi 80211
11
Link Layer
Data packet arrives from upper layer (Internet layer)bull If packet is too big break packet into smaller fragments (`framesrsquo)bull Embed data packet in a link layer packet with link layer header sequence
number error correction code etcbull Link layer packets gets transmitted on physical linkbull Link layer protocol governs how transmission over physical link is done Eg
Carrier sense multiple accessBottom-up process is similar on the receiving host
11262013 Lipyeow Lim -- University of Hawaii at Manoa
Application
Transport
Internet
Link
Application
Transport
Internet
Link
Physical Network
bull Eg Ethernet WiFi 80211bull A host can have multiple network interface
cards (eg Laptops typically have an ethernet interface and a WiFi interface)
bull Each interface has a 48-bit physical address that is hardwired to the hardware
12
Internet Layer
Data packet arrives from Transport layerbull Embed data packet in an IPv4 packet with IP header etcbull Pass packet to Link layer
Data packet arrives from Link layerbull Check IP header if packet destination is for this host If yes strip header and
pass to Transport layerbull Otherwise forward packet (routing)11262013 Lipyeow Lim -- University of Hawaii at Manoa
Application
Transport
Internet
Link
Application
Transport
Internet
Link
Physical Network
bull Eg IPv4bull Connects multiple networks togetherbull Each network interface of a host is
associated with an 32-bit IPv4 addressbull IP address is not hardwired but assigned in
the software
13
IPv4 Addresses amp Domain Name Service
bull IP addresses are 32 bit numbers often written in 4 octets 1281711013
bull Each address is also split into two partsndash Prefix is the network addressndash Suffix is the host address within that network
bull Domain Name Servers provide a service that translates more meaningful names to IP addressesndash Uhunixhawaiiedu = 12817124197ndash www2hawaiiedu = 128171224150
11262013 Lipyeow Lim -- University of Hawaii at Manoa
128 171 10 13
Network Address Host Address
0 3116
14
IPv4 amp Inter-network Routing
For routersbull Examine destination IP addressbull Look up routing tables to determine outgoing networkbull Pass packet to link layer of that outgoing networkbull Best effort delivery ndash no guarantees
11262013 Lipyeow Lim -- University of Hawaii at Manoa
Application
Transport
Internet
LinkInternet
Link
Ethernet Network
Internet
Link
Application
Transport
Internet
Link
Ethernet NetworkFibre Network
host host
RouterRouter
15
Transport Layer
TCP provides a reliable communication channel between two host applications by addressing several issues
bull Data packets arriving out of orderbull Data packets are corruptedbull Same packets arriving more than oncebull Some packets are lostdiscardedbull Traffic congestion control
11262013 Lipyeow Lim -- University of Hawaii at Manoa
Application
Transport
Internet
Link
Application
Transport
Internet
Link
Physical Network
bull Eg TCP (connection-oriented) UDPbull End-to-end message transfer between
hosts applicationsbull Each application on a host is associated
with a port numberbull IP address + port number will identify an
application end-point
16
Applications Email
bull Your email client program downloads incoming emails from mail server (imapgmailcom popgmailcom)
bull Outgoing emails are sent to mail server (smtpgmailcom)bull Mail servers handle the routing of emails using SMTP protocol which
operates on port 25 or 587ndash Lookup IP address of destination hostname in the email address using DNSndash Relaying email as packets to that IP address
11262013 Lipyeow Lim -- University of Hawaii at Manoa
POPIMAPSMTP
Transport TCP
Internet IPv4
Link
POPIMAPSMTP
Transport TCP
Internet IPv4
Link
Network
Mail Server Mail Server
Network Internet
POPIMAPSMTP
Transport TCP
Internet IPv4
Link
POPIMAPSMTP
Transport TCP
Internet IPv4
Link
Mail Client Mail Client
17
Sample Email Header
Delivered-To: strevguhrelayhawaiiedu
Received: by 10581456 with SMTP id sq6csp687725veb; Mon, 3 Sep 2012 20:39:01 -0700 (PDT)
Received: by 106812938 with SMTP id nt6mr43102232pbb761346729940698; Mon, 03 Sep 2012 20:39:00 -0700 (PDT)
Return-Path: <postmaster@laulima.hawaii.edu>
Received: from mta11.its.hawaii.edu (mta11.its.hawaii.edu [128.171.224.147]) by mx.google.com with ESMTPS id px6si25354378pbc21420120903203853 (version=TLSv1/SSLv3 cipher=RC4-MD5); Mon, 03 Sep 2012 20:39:00 -0700 (PDT)
Received-SPF: pass (google.com: domain of postmaster@laulima.hawaii.edu designates 128.171.224.58 as permitted sender) client-ip=128.171.224.58
Authentication-Results: mx.google.com; spf=pass (google.com: domain of postmaster@laulima.hawaii.edu designates 128.171.224.58 as permitted sender) smtp.mail=postmaster@laulima.hawaii.edu
MIME-version: 1.0
Content-type: multipart/mixed; boundary=Boundary_(ID_3RY8N2VbJHb4tH5siR1eww)
Received: from pmx11.its.hawaii.edu (pmx11.its.hawaii.edu [128.171.224.58]) by mta11.its.hawaii.edu (Sun Java(tm) System Messaging Server 63-1101 (built Feb 12 2010 32bit)) with ESMTP id <0M9T0071I3GJ4F40@mta11.its.hawaii.edu>; Mon, 03 Sep 2012 17:38:45 -1000 (HST)
Received: from kuhi.its.hawaii.edu (kuhi.its.hawaii.edu [12817125223]) by pmx11.its.hawaii.edu (Postfix) with ESMTP id E587118C023; Mon, 03 Sep 2012 17:38:42 -1000 (HST)
Received: from sak24.its.hawaii.edu (sak24.its.hawaii.edu [128.171.225.199]) by kuhi.its.hawaii.edu (812108126) with ESMTP id q843ccvH023430; Mon, 03 Sep 2012 17:38:38 -1000 (HST)
Date: Mon, 03 Sep 2012 17:38:33 -1000 (HST)
From: Dennis Streveler <strev@hawaii.edu>
Cc: strev@hawaii.edu <strev@hawaii.edu>
Message-id: <11298755423101346729913602.JavaMail.sakai@sak24.its.hawaii.edu>
Subject: ICS 101 Help Tuesday lecture -- Everything you THOUGHT you knew about NETWORKS and then some
X-Mailer: sakai-mailsender
18
Applications HTTP
• Hyper-Text Transfer Protocol (port 80)
• Request-response protocol
• When http://www2.hawaii.edu/~lipyeow/index.html is entered into a web browser (HTTP client)
[Diagram: HTTP client and HTTP server, each with an HTTP application layer over Transport (TCP), Internet (IPv4) and Link layers, connected through the Internet]
Request sent by the HTTP client:
GET /~lipyeow/index.html HTTP/1.1
host: www2.hawaii.edu
Response returned by the HTTP server:
HTTP/1.1 200 OK
Date: Sun, 02 Sep 2012 00:35:40 GMT
Server: Apache
Last-Modified: Tue, 21 Aug 2012 01:27:18 GMT
ETag: "7d3e8-2950-4c7bc86e86980"
Accept-Ranges: bytes
Content-Length: 10576
Content-Type: text/html
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML>
19
Internet Security
• All data transmitted on the network using the protocols described thus far are in plaintext
• Anyone with access to the physical network link can snoop on the bit sequences and decode according to the protocol stack
• Anyone can read your emails if he/she has access to a link on which your email packets are transmitted
• Use encrypted connections, e.g., SSL/TLS
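The bullets above, as an added example that is not part of the original slides: a frame is built by encapsulation and then decoded layer by layer, which shows why a plaintext HTTP request is readable by any observer of the link and how a monitoring check can tell it apart from a TLS record. The MAC and IP addresses, port numbers and the stand-in ciphertext are constructed for the example; only the request text comes from the HTTP slide.

```python
import hashlib
import socket
import struct

# Constructed sample data, not captured traffic. The request text is the one
# shown on the HTTP slide; addresses are documentation ranges, checksums are 0.
HTTP_REQUEST = b"GET /~lipyeow/index.html HTTP/1.1\r\nhost: www2.hawaii.edu\r\n\r\n"
# Stand-in for an encrypted TLS application-data record (type 23, version 3.3).
TLS_RECORD = b"\x17\x03\x03\x00\x20" + hashlib.sha256(b"stand-in ciphertext").digest()

HTTP_STARTS = (b"GET ", b"POST ", b"HEAD ", b"PUT ", b"DELETE ", b"OPTIONS ", b"HTTP/")


def build_frame(payload, dst_port):
    """Encapsulate: application data -> TCP -> IPv4 -> Ethernet II."""
    tcp = struct.pack("!HHIIBBHHH", 49152, dst_port, 1, 1, 5 << 4, 0x18, 65535, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(payload),
                     0, 0, 64, 6, 0,
                     socket.inet_aton("192.0.2.10"), socket.inet_aton("198.51.100.80"))
    eth = bytes.fromhex("020000000002020000000001") + struct.pack("!H", 0x0800)
    return eth + ip + tcp + payload


def decode_frame(frame):
    """Peel the layers off again, validating each header before trusting it."""
    if len(frame) < 14 + 20 + 20:
        raise ValueError("frame too short for Ethernet + IPv4 + TCP headers")
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != 0x0800:
        raise ValueError("not an IPv4 packet")
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4                      # IPv4 header length in bytes
    total_len = struct.unpack("!H", ip[2:4])[0]
    if ip[0] >> 4 != 4 or ihl < 20 or not ihl + 20 <= total_len <= len(ip):
        raise ValueError("malformed IPv4 header")
    if ip[9] != 6:
        raise ValueError("not a TCP segment")
    segment = ip[ihl:total_len]
    src_port, dst_port = struct.unpack("!HH", segment[:4])
    data_offset = (segment[12] >> 4) * 4          # TCP header length in bytes
    if data_offset < 20 or data_offset > len(segment):
        raise ValueError("malformed TCP header")
    return {
        "src_mac": ":".join(f"{b:02x}" for b in src_mac),
        "dst_mac": ":".join(f"{b:02x}" for b in dst_mac),
        "src_ip": socket.inet_ntoa(ip[12:16]),
        "dst_ip": socket.inet_ntoa(ip[16:20]),
        "src_port": src_port,
        "dst_port": dst_port,
        "payload": segment[data_offset:],
    }


def classify_payload(payload):
    """Label the application data the way a cleartext-traffic monitor would."""
    if len(payload) >= 5 and payload[0] in (20, 21, 22, 23) and payload[1] == 3:
        return "tls-record"
    if payload.startswith(HTTP_STARTS):
        return "plaintext-http"
    return "unknown"


def readable_first_line(payload):
    """Return the request/status line if the payload is plaintext HTTP, else None."""
    if classify_payload(payload) != "plaintext-http":
        return None
    return payload.split(b"\r\n", 1)[0].decode("ascii", "replace")


if __name__ == "__main__":
    for name, data, port in (("http", HTTP_REQUEST, 80), ("tls", TLS_RECORD, 443)):
        info = decode_frame(build_frame(data, port))
        print(name, info["dst_ip"], info["dst_port"],
              classify_payload(info["payload"]), readable_first_line(info["payload"]))
```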
20
Secure HTTP -- HTTPS
• Use HTTP over an SSL/TLS layer (port 443)
• Negotiate a stateful encrypted connection to carry the HTTP messages
• Use a trusted 3rd party (CA) to verify identity
• Use public key handshake to establish a session key
• Encrypt subsequent messages using session key
[Diagram: HTTPS client and HTTPS server, each with HTTP over SSL/TLS over Transport (TCP), Internet (IPv4) and Link layers, plus a Certificate Authority; labelled exchanges: certificate, verify certificate, session key, HTTP messages]
21
Worksheet Questions
1. Packets are the unit of transfer between two communicating nodes. Name two fields in a packet format.
2. Recall the TCP/IP 4-layer model. Name one possible protocol/technology at the link layer.
7
Local Area Networks
• Wired (UTP Cat5) or Wireless 802.11
• Connects hosts within a limited spatial region together to form a network
• All hosts within the network can “talk” to each other
• The network is often a shared medium: only one host can talk at one time and the rest listen
8
Data Packet
• How messages are packaged for delivery on the network – like postal mail
• Source and destination addresses
9
Network Abstractions
• Network communications are conceived as layers of abstractions
• Each layer plays a specific role and is relatively independent of other layers
• Each layer has its own packet format
• Packets from higher layers are embedded in packets of lower layers – “encapsulation”
[Diagram: three hosts on a network, each with an Application / Transport / Internet / Link stack, joined by the physical network]
10
TCP/IP Four Layer Model
Application
• Process to process: communicates data to other processes/applications on the same host or on other hosts
• E.g., SMTP, FTP, SSH, HTTP
Transport
• Host to host: communicates data to other hosts on the same network or on other networks
• Hides the topology of the network
• Flow control, error correction, connection control
• E.g., TCP, UDP
Internet
• Inter-network: communicates data to other networks
• Deals with addressing and routing of datagrams to the next network
• E.g., IPv4, IPv6
Link
• Transmits data to other network interfaces on the local network
• E.g., Ethernet, WiFi 802.11
11
Link Layer
Data packet arrives from upper layer (Internet layer)
• If packet is too big, break packet into smaller fragments (‘frames’)
• Embed data packet in a link layer packet with link layer header, sequence number, error correction code, etc.
• Link layer packets get transmitted on the physical link
• Link layer protocol governs how transmission over the physical link is done, e.g., carrier sense multiple access
Bottom-up process is similar on the receiving host
[Diagram: two hosts, each with an Application / Transport / Internet / Link stack, joined by the physical network]
• E.g., Ethernet, WiFi 802.11
• A host can have multiple network interface cards (e.g., laptops typically have an Ethernet interface and a WiFi interface)
• Each interface has a 48-bit physical address that is hardwired to the hardware
12
Internet Layer
Data packet arrives from Transport layer
• Embed data packet in an IPv4 packet with IP header, etc.
• Pass packet to Link layer
Data packet arrives from Link layer
• Check the IP header to see if the packet destination is this host. If yes, strip the header and pass to Transport layer
• Otherwise forward packet (routing)
[Diagram: two hosts, each with an Application / Transport / Internet / Link stack, joined by the physical network]
• E.g., IPv4
• Connects multiple networks together
• Each network interface of a host is associated with a 32-bit IPv4 address
• IP address is not hardwired but assigned in the software
13
IPv4 Addresses & Domain Name Service
• IP addresses are 32-bit numbers often written in 4 octets: 128.171.10.13
• Each address is also split into two parts
  – Prefix is the network address
  – Suffix is the host address within that network
• Domain Name Servers provide a service that translates more meaningful names to IP addresses
  – Uhunix.hawaii.edu = 12817124197
  – www2.hawaii.edu = 128.171.224.150
[Diagram: the address 128.171.10.13 drawn as a 32-bit field with bit positions 0, 16 and 31 marked; 128.171 is labelled Network Address and 10.13 is labelled Host Address]
14
IPv4 & Inter-network Routing
For routers
• Examine destination IP address
• Look up routing tables to determine outgoing network
• Pass packet to link layer of that outgoing network
• Best effort delivery – no guarantees
[Diagram: two hosts with full Application / Transport / Internet / Link stacks and two routers with Internet / Link layers only; each host sits on an Ethernet network and the routers are joined by a fibre network]
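The deliver-or-forward decision from the Internet Layer slide and the routing-table lookup above, as an added example that is not part of the original slides. It goes beyond the slides in two labelled ways: the prefix length is variable rather than fixed at 16 bits, with the longest matching prefix winning, and packets whose TTL has run out are dropped, which is one of the reasons delivery is only best effort. The routing table, interface names and the router's own address are constructed.

```python
import ipaddress


def split_address(addr, prefix_len):
    """Split an IPv4 address into (network part, host part) as integers."""
    value = int(ipaddress.IPv4Address(addr))
    host_bits = 32 - prefix_len
    return value >> host_bits, value & ((1 << host_bits) - 1)


class Node:
    """Internet-layer view of a host or router (hypothetical helper class)."""

    def __init__(self, local_addrs, routes):
        self.local = {ipaddress.IPv4Address(a) for a in local_addrs}
        self.routes = [(ipaddress.IPv4Network(net), iface) for net, iface in routes]

    def handle(self, dst, ttl):
        """Decide what to do with a packet addressed to `dst`."""
        dst = ipaddress.IPv4Address(dst)
        if dst in self.local:
            # Destination is this host: strip the IP header, pass upwards.
            return ("deliver", "transport")
        if ttl <= 1:
            # Standard IPv4 behaviour (not on the slides): no hops left.
            return ("drop", "ttl expired")
        matches = [(net, iface) for net, iface in self.routes if dst in net]
        if not matches:
            return ("drop", "no route")
        # Longest-prefix match: the most specific network wins.
        _, iface = max(matches, key=lambda m: m[0].prefixlen)
        return ("forward", iface)


# Constructed routing table; 128.171.224.150 is the www2 address from the
# DNS slide, everything else is made up for the example.
ROUTER = Node(
    local_addrs=["128.171.1.1"],
    routes=[
        ("128.171.0.0/16", "eth0"),
        ("128.171.224.0/24", "eth1"),
        ("0.0.0.0/0", "fibre0"),
    ],
)

if __name__ == "__main__":
    print(split_address("128.171.10.13", 16))
    for dst in ("128.171.1.1", "128.171.224.150", "128.171.10.13", "198.51.100.7"):
        print(dst, ROUTER.handle(dst, ttl=64))
```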
15
Transport Layer
TCP provides a reliable communication channel between two host applications by addressing several issues
• Data packets arriving out of order
• Data packets are corrupted
• Same packets arriving more than once
• Some packets are lost/discarded
• Traffic congestion control
[Diagram: two hosts, each with an Application / Transport / Internet / Link stack, joined by the physical network]
• E.g., TCP (connection-oriented), UDP
• End-to-end message transfer between host applications
• Each application on a host is associated with a port number
• IP address + port number will identify an application end-point
16
Applications Email
bull Your email client program downloads incoming emails from mail server (imapgmailcom popgmailcom)
bull Outgoing emails are sent to mail server (smtpgmailcom)bull Mail servers handle the routing of emails using SMTP protocol which
operates on port 25 or 587ndash Lookup IP address of destination hostname in the email address using DNSndash Relaying email as packets to that IP address
11262013 Lipyeow Lim -- University of Hawaii at Manoa
POPIMAPSMTP
Transport TCP
Internet IPv4
Link
POPIMAPSMTP
Transport TCP
Internet IPv4
Link
Network
Mail Server Mail Server
Network Internet
POPIMAPSMTP
Transport TCP
Internet IPv4
Link
POPIMAPSMTP
Transport TCP
Internet IPv4
Link
Mail Client Mail Client
17
Sample Email HeaderDelivered-To strevguhrelayhawaiieduReceived by 10581456 with SMTP id sq6csp687725veb
Mon 3 Sep 2012203901 -0700 (PDT)Received by 106812938 with SMTP id
nt6mr43102232pbb761346729940698 Mon03 Sep 2012 203900 -0700 (PDT)Return-Path ltpostmasterlaulimahawaiiedugtReceived from mta11itshawaiiedu (mta11itshawaiiedu
[128171224147])by mxgooglecom with ESMTPS id
px6si25354378pbc21420120903203853(version=TLSv1SSLv3 cipher=RC4-MD5) Mon 03 Sep 2012
203900 -0700 (PDT)Received-SPF pass (googlecom domain of
postmasterlaulimahawaiiedudesignates 12817122458 as permitted sender) client-ip=
12817122458Authentication-Results mxgooglecom spf=pass (googlecom
domain ofpostmasterlaulimahawaiiedu designates 12817122458
as permitted sender)smtpmail=postmasterlaulimahawaiieduMIME-version 10Content-type multipartmixed
boundary=Boundary_(ID_3RY8N2VbJHb4tH5siR1eww)
Received from pmx11itshawaiiedu (pmx11itshawaiiedu [12817122458]) by
mta11itshawaiiedu (Sun Java(tm) System Messaging Server 63-1101 (built
Feb 12 2010 32bit)) with ESMTP id lt0M9T0071I3GJ4F40mta11itshawaiiedugt
Mon 03 Sep 2012 173845 -1000 (HST)Received from kuhiitshawaiiedu (kuhiitshawaiiedu
[12817125223]) bypmx11itshawaiiedu (Postfix) with ESMTP id E587118C023
Mon 03 Sep 2012173842 -1000 (HST)Received from sak24itshawaiiedu (sak24itshawaiiedu
[128171225199])by kuhiitshawaiiedu (812108126) with ESMTP id
q843ccvH023430 Mon 03Sep 2012 173838 -1000 (HST)Date Mon 03 Sep 2012 173833 -1000 (HST)From Dennis Streveler ltstrevhawaiiedugtCc strevhawaiiedu ltstrevhawaiiedugtMessage-id lt
11298755423101346729913602JavaMailsakaisak24itshawaiiedugt
Subject ICS 101 Help Tuesday lecture -- Everything you THOUGHT you knew
about NETWORKS and then someX-Mailer sakai-mailsender
11262013 Lipyeow Lim -- University of Hawaii at Manoa
18
Applications HTTP
11262013 Lipyeow Lim -- University of Hawaii at Manoa
HTTP
Transport TCP
Internet IPv4
Link
HTTP Server
Internet
HTTP
Transport TCP
Internet IPv4
Link
HTTP Clientbull Hyper-Text Transfer Protocol
(port 80)bull Request-response protocolbull When
httpwww2hawaiiedu~lipyeowindexhtml is entered into a web browser (http client)
HTTP11 200 OKDate Sun 02 Sep 2012 003540 GMTServer ApacheLast-Modified Tue 21 Aug 2012 012718 GMTETag 7d3e8-2950-4c7bc86e86980Accept-Ranges bytesContent-Length 10576Content-Type texthtmlltDOCTYPE HTML PUBLIC -W3CDTD HTML 40 TransitionalENgt ltHTMLgt
GET ~lipyeowindexhtml HTTP11host www2hawaiiedu
19
Internet Securitybull All data transmitted on the network using the
protocols described thus far are in plaintext
11262013 Lipyeow Lim -- University of Hawaii at Manoa
bull Anyone with access to the physical network link can snoop on the bit sequences and decode according to the protocol stack
bull Anyone can read your emails if heshe has access to a link on which your email packets are transmitted
bull Use encrypted connections eg SSLTLS
20
Secure HTTP -- HTTPS
bull Use HTTP over a SSLTLS layer (port 443)bull Negotiate a stateful encrypted connection to carry the
HTTP messagesbull Use a trusted 3rd party (CA) to verify identitybull Use public key handshake to establish a session keybull Encrypt subsequent messages using session key 11262013 Lipyeow Lim -- University of Hawaii at Manoa
HTTPSSLTLSTransport TCP
Internet IPv4
Link
HTTPS Server
HTTPSSLTLS
Transport TCP
Internet IPv4
Link
HTTPS Client
Certificate Authority
certificatecertificate
session key
verify certificate verify certificate
HTTP messages
21
Worksheet Questions
1 Packets are the unit of transfer between two communicating nodes Name two fields in a packet format
2 Recall the TCPIP 4-layer model Name one possible protocoltechnology at the link layer
11262013 Lipyeow Lim -- University of Hawaii at Manoa
- ICS 101 Fall 2013 Networking and the Internet
- Problem
- LOTR Beacon of Gondor
- Modern Computer Networks
- Quiz 1
- Quiz 2
- Local Area Networks
- Data Packet
- Network Abstractions
- TCPIP Four Layer Model
- Link Layer
- Internet Layer
- IPv4 Addresses amp Domain Name Service
- IPv4 amp Inter-network Routing
- Transport Layer
- Applications Email
- Sample Email Header
- Applications HTTP
- Internet Security
- Secure HTTP -- HTTPS
- Worksheet Questions
-
8
Data Packetbull How messages are packaged for
delivery on the network ndash like postal mail
bull Source and destination addresses
11262013 Lipyeow Lim -- University of Hawaii at Manoa
9
Network Abstractionsbull Network communications
are conceived as layers of abstractions
bull Each layer plays a specific role and is relatively independent of other layers
bull Each layer has its own packet format
bull Packets from higher layers are embedded in packets of lower layers ndash ldquoencapsulationrdquo
11262013 Lipyeow Lim -- University of Hawaii at Manoa
Network
Application
Transport
Internet
Link
Application
Transport
Internet
Link
Application
Transport
Internet
Link
Physical Network
10
TCPIP Four Layer Model
11262013 Lipyeow Lim -- University of Hawaii at Manoa
Application
Transport
Internet
Link
bull Process to process communicates data to other processesapplications on the same host or on other hosts
bull Eg SMTP FTP SSH HTTP
bull Host to host communicates data to other host on the same network on on other networks
bull Hides the topology of the networkbull Flow control error correction connection controlbull Eg TCP UDP
bull Inter-network communicates data to other networksbull Deals with addressing and routing of datagrams to next
networkbull Eg IPv4 IPv6
bull Transmit data to other network interfaces on the local networkbull Eg Ethernet WiFi 80211
11
Link Layer
Data packet arrives from upper layer (Internet layer)bull If packet is too big break packet into smaller fragments (`framesrsquo)bull Embed data packet in a link layer packet with link layer header sequence
number error correction code etcbull Link layer packets gets transmitted on physical linkbull Link layer protocol governs how transmission over physical link is done Eg
Carrier sense multiple accessBottom-up process is similar on the receiving host
11262013 Lipyeow Lim -- University of Hawaii at Manoa
Application
Transport
Internet
Link
Application
Transport
Internet
Link
Physical Network
bull Eg Ethernet WiFi 80211bull A host can have multiple network interface
cards (eg Laptops typically have an ethernet interface and a WiFi interface)
bull Each interface has a 48-bit physical address that is hardwired to the hardware
12
Internet Layer
Data packet arrives from Transport layerbull Embed data packet in an IPv4 packet with IP header etcbull Pass packet to Link layer
Data packet arrives from Link layerbull Check IP header if packet destination is for this host If yes strip header and
pass to Transport layerbull Otherwise forward packet (routing)11262013 Lipyeow Lim -- University of Hawaii at Manoa
Application
Transport
Internet
Link
Application
Transport
Internet
Link
Physical Network
bull Eg IPv4bull Connects multiple networks togetherbull Each network interface of a host is
associated with an 32-bit IPv4 addressbull IP address is not hardwired but assigned in
the software
13
IPv4 Addresses amp Domain Name Service
bull IP addresses are 32 bit numbers often written in 4 octets 1281711013
bull Each address is also split into two partsndash Prefix is the network addressndash Suffix is the host address within that network
bull Domain Name Servers provide a service that translates more meaningful names to IP addressesndash Uhunixhawaiiedu = 12817124197ndash www2hawaiiedu = 128171224150
11262013 Lipyeow Lim -- University of Hawaii at Manoa
128 171 10 13
Network Address Host Address
0 3116
14
IPv4 amp Inter-network Routing
For routersbull Examine destination IP addressbull Look up routing tables to determine outgoing networkbull Pass packet to link layer of that outgoing networkbull Best effort delivery ndash no guarantees
11262013 Lipyeow Lim -- University of Hawaii at Manoa
Application
Transport
Internet
LinkInternet
Link
Ethernet Network
Internet
Link
Application
Transport
Internet
Link
Ethernet NetworkFibre Network
host host
RouterRouter
15
Transport Layer
TCP provides a reliable communication channel between two host applications by addressing several issues
bull Data packets arriving out of orderbull Data packets are corruptedbull Same packets arriving more than oncebull Some packets are lostdiscardedbull Traffic congestion control
11262013 Lipyeow Lim -- University of Hawaii at Manoa
Application
Transport
Internet
Link
Application
Transport
Internet
Link
Physical Network
bull Eg TCP (connection-oriented) UDPbull End-to-end message transfer between
hosts applicationsbull Each application on a host is associated
with a port numberbull IP address + port number will identify an
application end-point
16
Applications Email
bull Your email client program downloads incoming emails from mail server (imapgmailcom popgmailcom)
bull Outgoing emails are sent to mail server (smtpgmailcom)bull Mail servers handle the routing of emails using SMTP protocol which
operates on port 25 or 587ndash Lookup IP address of destination hostname in the email address using DNSndash Relaying email as packets to that IP address
11262013 Lipyeow Lim -- University of Hawaii at Manoa
POPIMAPSMTP
Transport TCP
Internet IPv4
Link
POPIMAPSMTP
Transport TCP
Internet IPv4
Link
Network
Mail Server Mail Server
Network Internet
POPIMAPSMTP
Transport TCP
Internet IPv4
Link
POPIMAPSMTP
Transport TCP
Internet IPv4
Link
Mail Client Mail Client
17
Sample Email HeaderDelivered-To strevguhrelayhawaiieduReceived by 10581456 with SMTP id sq6csp687725veb
Mon 3 Sep 2012203901 -0700 (PDT)Received by 106812938 with SMTP id
nt6mr43102232pbb761346729940698 Mon03 Sep 2012 203900 -0700 (PDT)Return-Path ltpostmasterlaulimahawaiiedugtReceived from mta11itshawaiiedu (mta11itshawaiiedu
[128171224147])by mxgooglecom with ESMTPS id
px6si25354378pbc21420120903203853(version=TLSv1SSLv3 cipher=RC4-MD5) Mon 03 Sep 2012
203900 -0700 (PDT)Received-SPF pass (googlecom domain of
postmasterlaulimahawaiiedudesignates 12817122458 as permitted sender) client-ip=
12817122458Authentication-Results mxgooglecom spf=pass (googlecom
domain ofpostmasterlaulimahawaiiedu designates 12817122458
as permitted sender)smtpmail=postmasterlaulimahawaiieduMIME-version 10Content-type multipartmixed
boundary=Boundary_(ID_3RY8N2VbJHb4tH5siR1eww)
Received from pmx11itshawaiiedu (pmx11itshawaiiedu [12817122458]) by
mta11itshawaiiedu (Sun Java(tm) System Messaging Server 63-1101 (built
Feb 12 2010 32bit)) with ESMTP id lt0M9T0071I3GJ4F40mta11itshawaiiedugt
Mon 03 Sep 2012 173845 -1000 (HST)Received from kuhiitshawaiiedu (kuhiitshawaiiedu
[12817125223]) bypmx11itshawaiiedu (Postfix) with ESMTP id E587118C023
Mon 03 Sep 2012173842 -1000 (HST)Received from sak24itshawaiiedu (sak24itshawaiiedu
[128171225199])by kuhiitshawaiiedu (812108126) with ESMTP id
q843ccvH023430 Mon 03Sep 2012 173838 -1000 (HST)Date Mon 03 Sep 2012 173833 -1000 (HST)From Dennis Streveler ltstrevhawaiiedugtCc strevhawaiiedu ltstrevhawaiiedugtMessage-id lt
11298755423101346729913602JavaMailsakaisak24itshawaiiedugt
Subject ICS 101 Help Tuesday lecture -- Everything you THOUGHT you knew
about NETWORKS and then someX-Mailer sakai-mailsender
11262013 Lipyeow Lim -- University of Hawaii at Manoa
18
Applications HTTP
11262013 Lipyeow Lim -- University of Hawaii at Manoa
HTTP
Transport TCP
Internet IPv4
Link
HTTP Server
Internet
HTTP
Transport TCP
Internet IPv4
Link
HTTP Clientbull Hyper-Text Transfer Protocol
(port 80)bull Request-response protocolbull When
httpwww2hawaiiedu~lipyeowindexhtml is entered into a web browser (http client)
HTTP11 200 OKDate Sun 02 Sep 2012 003540 GMTServer ApacheLast-Modified Tue 21 Aug 2012 012718 GMTETag 7d3e8-2950-4c7bc86e86980Accept-Ranges bytesContent-Length 10576Content-Type texthtmlltDOCTYPE HTML PUBLIC -W3CDTD HTML 40 TransitionalENgt ltHTMLgt
GET ~lipyeowindexhtml HTTP11host www2hawaiiedu
19
Internet Securitybull All data transmitted on the network using the
protocols described thus far are in plaintext
11262013 Lipyeow Lim -- University of Hawaii at Manoa
bull Anyone with access to the physical network link can snoop on the bit sequences and decode according to the protocol stack
bull Anyone can read your emails if heshe has access to a link on which your email packets are transmitted
bull Use encrypted connections eg SSLTLS
20
Secure HTTP -- HTTPS
bull Use HTTP over a SSLTLS layer (port 443)bull Negotiate a stateful encrypted connection to carry the
HTTP messagesbull Use a trusted 3rd party (CA) to verify identitybull Use public key handshake to establish a session keybull Encrypt subsequent messages using session key 11262013 Lipyeow Lim -- University of Hawaii at Manoa
HTTPSSLTLSTransport TCP
Internet IPv4
Link
HTTPS Server
HTTPSSLTLS
Transport TCP
Internet IPv4
Link
HTTPS Client
Certificate Authority
certificatecertificate
session key
verify certificate verify certificate
HTTP messages
21
Worksheet Questions
1 Packets are the unit of transfer between two communicating nodes Name two fields in a packet format
2 Recall the TCPIP 4-layer model Name one possible protocoltechnology at the link layer
11262013 Lipyeow Lim -- University of Hawaii at Manoa
- ICS 101 Fall 2013 Networking and the Internet
- Problem
- LOTR Beacon of Gondor
- Modern Computer Networks
- Quiz 1
- Quiz 2
- Local Area Networks
- Data Packet
- Network Abstractions
- TCPIP Four Layer Model
- Link Layer
- Internet Layer
- IPv4 Addresses amp Domain Name Service
- IPv4 amp Inter-network Routing
- Transport Layer
- Applications Email
- Sample Email Header
- Applications HTTP
- Internet Security
- Secure HTTP -- HTTPS
- Worksheet Questions
-
9
Network Abstractionsbull Network communications
are conceived as layers of abstractions
bull Each layer plays a specific role and is relatively independent of other layers
bull Each layer has its own packet format
bull Packets from higher layers are embedded in packets of lower layers ndash ldquoencapsulationrdquo
11262013 Lipyeow Lim -- University of Hawaii at Manoa
Network
Application
Transport
Internet
Link
Application
Transport
Internet
Link
Application
Transport
Internet
Link
Physical Network
10
TCPIP Four Layer Model
11262013 Lipyeow Lim -- University of Hawaii at Manoa
Application
Transport
Internet
Link
bull Process to process communicates data to other processesapplications on the same host or on other hosts
bull Eg SMTP FTP SSH HTTP
bull Host to host communicates data to other host on the same network on on other networks
bull Hides the topology of the networkbull Flow control error correction connection controlbull Eg TCP UDP
bull Inter-network communicates data to other networksbull Deals with addressing and routing of datagrams to next
networkbull Eg IPv4 IPv6
bull Transmit data to other network interfaces on the local networkbull Eg Ethernet WiFi 80211
11
Link Layer
Data packet arrives from upper layer (Internet layer)bull If packet is too big break packet into smaller fragments (`framesrsquo)bull Embed data packet in a link layer packet with link layer header sequence
number error correction code etcbull Link layer packets gets transmitted on physical linkbull Link layer protocol governs how transmission over physical link is done Eg
Carrier sense multiple accessBottom-up process is similar on the receiving host
11262013 Lipyeow Lim -- University of Hawaii at Manoa
Application
Transport
Internet
Link
Application
Transport
Internet
Link
Physical Network
bull Eg Ethernet WiFi 80211bull A host can have multiple network interface
cards (eg Laptops typically have an ethernet interface and a WiFi interface)
bull Each interface has a 48-bit physical address that is hardwired to the hardware
12
Internet Layer
Data packet arrives from Transport layerbull Embed data packet in an IPv4 packet with IP header etcbull Pass packet to Link layer
Data packet arrives from Link layerbull Check IP header if packet destination is for this host If yes strip header and
pass to Transport layerbull Otherwise forward packet (routing)11262013 Lipyeow Lim -- University of Hawaii at Manoa
Application
Transport
Internet
Link
Application
Transport
Internet
Link
Physical Network
bull Eg IPv4bull Connects multiple networks togetherbull Each network interface of a host is
associated with an 32-bit IPv4 addressbull IP address is not hardwired but assigned in
the software
13
IPv4 Addresses amp Domain Name Service
bull IP addresses are 32 bit numbers often written in 4 octets 1281711013
bull Each address is also split into two partsndash Prefix is the network addressndash Suffix is the host address within that network
bull Domain Name Servers provide a service that translates more meaningful names to IP addressesndash Uhunixhawaiiedu = 12817124197ndash www2hawaiiedu = 128171224150
11262013 Lipyeow Lim -- University of Hawaii at Manoa
128 171 10 13
Network Address Host Address
0 3116
14
IPv4 amp Inter-network Routing
For routersbull Examine destination IP addressbull Look up routing tables to determine outgoing networkbull Pass packet to link layer of that outgoing networkbull Best effort delivery ndash no guarantees
11262013 Lipyeow Lim -- University of Hawaii at Manoa
Application
Transport
Internet
LinkInternet
Link
Ethernet Network
Internet
Link
Application
Transport
Internet
Link
Ethernet NetworkFibre Network
host host
RouterRouter
15
Transport Layer
TCP provides a reliable communication channel between two host applications by addressing several issues
bull Data packets arriving out of orderbull Data packets are corruptedbull Same packets arriving more than oncebull Some packets are lostdiscardedbull Traffic congestion control
11262013 Lipyeow Lim -- University of Hawaii at Manoa
Application
Transport
Internet
Link
Application
Transport
Internet
Link
Physical Network
bull Eg TCP (connection-oriented) UDPbull End-to-end message transfer between
hosts applicationsbull Each application on a host is associated
with a port numberbull IP address + port number will identify an
application end-point
16
Applications Email
bull Your email client program downloads incoming emails from mail server (imapgmailcom popgmailcom)
bull Outgoing emails are sent to mail server (smtpgmailcom)bull Mail servers handle the routing of emails using SMTP protocol which
operates on port 25 or 587ndash Lookup IP address of destination hostname in the email address using DNSndash Relaying email as packets to that IP address
11262013 Lipyeow Lim -- University of Hawaii at Manoa
POPIMAPSMTP
Transport TCP
Internet IPv4
Link
POPIMAPSMTP
Transport TCP
Internet IPv4
Link
Network
Mail Server Mail Server
Network Internet
POPIMAPSMTP
Transport TCP
Internet IPv4
Link
POPIMAPSMTP
Transport TCP
Internet IPv4
Link
Mail Client Mail Client
17
Sample Email HeaderDelivered-To strevguhrelayhawaiieduReceived by 10581456 with SMTP id sq6csp687725veb
Mon 3 Sep 2012203901 -0700 (PDT)Received by 106812938 with SMTP id
nt6mr43102232pbb761346729940698 Mon03 Sep 2012 203900 -0700 (PDT)Return-Path ltpostmasterlaulimahawaiiedugtReceived from mta11itshawaiiedu (mta11itshawaiiedu
[128171224147])by mxgooglecom with ESMTPS id
px6si25354378pbc21420120903203853(version=TLSv1SSLv3 cipher=RC4-MD5) Mon 03 Sep 2012
203900 -0700 (PDT)Received-SPF pass (googlecom domain of
postmasterlaulimahawaiiedudesignates 12817122458 as permitted sender) client-ip=
12817122458Authentication-Results mxgooglecom spf=pass (googlecom
domain ofpostmasterlaulimahawaiiedu designates 12817122458
as permitted sender)smtpmail=postmasterlaulimahawaiieduMIME-version 10Content-type multipartmixed
boundary=Boundary_(ID_3RY8N2VbJHb4tH5siR1eww)
Received from pmx11itshawaiiedu (pmx11itshawaiiedu [12817122458]) by
mta11itshawaiiedu (Sun Java(tm) System Messaging Server 63-1101 (built
Feb 12 2010 32bit)) with ESMTP id lt0M9T0071I3GJ4F40mta11itshawaiiedugt
Mon 03 Sep 2012 173845 -1000 (HST)Received from kuhiitshawaiiedu (kuhiitshawaiiedu
[12817125223]) bypmx11itshawaiiedu (Postfix) with ESMTP id E587118C023
Mon 03 Sep 2012173842 -1000 (HST)Received from sak24itshawaiiedu (sak24itshawaiiedu
[128171225199])by kuhiitshawaiiedu (812108126) with ESMTP id
q843ccvH023430 Mon 03Sep 2012 173838 -1000 (HST)Date Mon 03 Sep 2012 173833 -1000 (HST)From Dennis Streveler ltstrevhawaiiedugtCc strevhawaiiedu ltstrevhawaiiedugtMessage-id lt
11298755423101346729913602JavaMailsakaisak24itshawaiiedugt
Subject ICS 101 Help Tuesday lecture -- Everything you THOUGHT you knew
about NETWORKS and then someX-Mailer sakai-mailsender
11262013 Lipyeow Lim -- University of Hawaii at Manoa
18
Applications HTTP
11262013 Lipyeow Lim -- University of Hawaii at Manoa
HTTP
Transport TCP
Internet IPv4
Link
HTTP Server
Internet
HTTP
Transport TCP
Internet IPv4
Link
HTTP Clientbull Hyper-Text Transfer Protocol
(port 80)bull Request-response protocolbull When
httpwww2hawaiiedu~lipyeowindexhtml is entered into a web browser (http client)
HTTP11 200 OKDate Sun 02 Sep 2012 003540 GMTServer ApacheLast-Modified Tue 21 Aug 2012 012718 GMTETag 7d3e8-2950-4c7bc86e86980Accept-Ranges bytesContent-Length 10576Content-Type texthtmlltDOCTYPE HTML PUBLIC -W3CDTD HTML 40 TransitionalENgt ltHTMLgt
GET ~lipyeowindexhtml HTTP11host www2hawaiiedu
19
Internet Securitybull All data transmitted on the network using the
protocols described thus far are in plaintext
11262013 Lipyeow Lim -- University of Hawaii at Manoa
bull Anyone with access to the physical network link can snoop on the bit sequences and decode according to the protocol stack
bull Anyone can read your emails if heshe has access to a link on which your email packets are transmitted
bull Use encrypted connections eg SSLTLS
20
Secure HTTP -- HTTPS
bull Use HTTP over a SSLTLS layer (port 443)bull Negotiate a stateful encrypted connection to carry the
HTTP messagesbull Use a trusted 3rd party (CA) to verify identitybull Use public key handshake to establish a session keybull Encrypt subsequent messages using session key 11262013 Lipyeow Lim -- University of Hawaii at Manoa
HTTPSSLTLSTransport TCP
Internet IPv4
Link
HTTPS Server
HTTPSSLTLS
Transport TCP
Internet IPv4
Link
HTTPS Client
Certificate Authority
certificatecertificate
session key
verify certificate verify certificate
HTTP messages
21
Worksheet Questions
1 Packets are the unit of transfer between two communicating nodes Name two fields in a packet format
2 Recall the TCPIP 4-layer model Name one possible protocoltechnology at the link layer
11262013 Lipyeow Lim -- University of Hawaii at Manoa
- ICS 101 Fall 2013 Networking and the Internet
- Problem
- LOTR Beacon of Gondor
- Modern Computer Networks
- Quiz 1
- Quiz 2
- Local Area Networks
- Data Packet
- Network Abstractions
- TCPIP Four Layer Model
- Link Layer
- Internet Layer
- IPv4 Addresses amp Domain Name Service
- IPv4 amp Inter-network Routing
- Transport Layer
- Applications Email
- Sample Email Header
- Applications HTTP
- Internet Security
- Secure HTTP -- HTTPS
- Worksheet Questions
-
10
TCPIP Four Layer Model
11262013 Lipyeow Lim -- University of Hawaii at Manoa
Application
Transport
Internet
Link
bull Process to process communicates data to other processesapplications on the same host or on other hosts
bull Eg SMTP FTP SSH HTTP
bull Host to host communicates data to other host on the same network on on other networks
bull Hides the topology of the networkbull Flow control error correction connection controlbull Eg TCP UDP
bull Inter-network communicates data to other networksbull Deals with addressing and routing of datagrams to next
networkbull Eg IPv4 IPv6
bull Transmit data to other network interfaces on the local networkbull Eg Ethernet WiFi 80211
11
Link Layer

Data packet arrives from upper layer (Internet layer)
• If packet is too big, break packet into smaller fragments ('frames')
• Embed data packet in a link layer packet with link layer header, sequence number, error correction code, etc.
• Link layer packets get transmitted on physical link
• Link layer protocol governs how transmission over physical link is done. E.g. carrier sense multiple access
Bottom-up process is similar on the receiving host

[Figure: two hosts, each with an Application / Transport / Internet / Link stack, joined by the physical network]

• E.g. Ethernet, WiFi 802.11
• A host can have multiple network interface cards (e.g. laptops typically have an Ethernet interface and a WiFi interface)
• Each interface has a 48-bit physical address that is hardwired to the hardware
12
Internet Layer

Data packet arrives from Transport layer
• Embed data packet in an IPv4 packet with IP header, etc.
• Pass packet to Link layer
Data packet arrives from Link layer
• Check IP header if packet destination is for this host. If yes, strip header and pass to Transport layer
• Otherwise forward packet (routing)

[Figure: two hosts, each with an Application / Transport / Internet / Link stack, joined by the physical network]

• E.g. IPv4
• Connects multiple networks together
• Each network interface of a host is associated with a 32-bit IPv4 address
• IP address is not hardwired but assigned in the software
13
IPv4 Addresses & Domain Name Service

• IP addresses are 32-bit numbers, often written in 4 octets: 128.171.10.13
• Each address is also split into two parts
  – Prefix is the network address
  – Suffix is the host address within that network
• Domain Name Servers provide a service that translates more meaningful names to IP addresses
  – Uhunix.hawaii.edu = 12817124197
  – www2.hawaii.edu = 128.171.224.150

[Figure: 128.171.10.13 laid out over bit positions 0 to 31: 128.171 is the network address and 10.13 is the host address, with the boundary at bit 16]
14
IPv4 & Inter-network Routing

For routers
• Examine destination IP address
• Look up routing tables to determine outgoing network
• Pass packet to link layer of that outgoing network
• Best effort delivery – no guarantees

[Figure: two hosts, each with an Application / Transport / Internet / Link stack and each on an Ethernet network, joined by two routers (Internet and Link layers only) across a fibre network]
15
Transport Layer

TCP provides a reliable communication channel between two host applications by addressing several issues
• Data packets arriving out of order
• Data packets are corrupted
• Same packets arriving more than once
• Some packets are lost/discarded
• Traffic congestion control

[Figure: two hosts, each with an Application / Transport / Internet / Link stack, joined by the physical network]

• E.g. TCP (connection-oriented), UDP
• End-to-end message transfer between host applications
• Each application on a host is associated with a port number
• IP address + port number will identify an application end-point
16
Applications: Email

• Your email client program downloads incoming emails from mail server (imap.gmail.com, pop.gmail.com)
• Outgoing emails are sent to mail server (smtp.gmail.com)
• Mail servers handle the routing of emails using SMTP protocol, which operates on port 25 or 587
  – Look up IP address of destination hostname in the email address using DNS
  – Relaying email as packets to that IP address

[Figure: two mail clients and two mail servers, each with a POP/IMAP/SMTP / Transport (TCP) / Internet (IPv4) / Link stack. Each mail client reaches its mail server over a network, and the mail servers are joined by the Internet]
17
Sample Email Header

Delivered-To: strevguhrelayhawaiiedu
Received: by 10581456 with SMTP id sq6csp687725veb;
        Mon, 3 Sep 2012 20:39:01 -0700 (PDT)
Received: by 106812938 with SMTP id nt6mr43102232pbb761346729940698;
        Mon, 03 Sep 2012 20:39:00 -0700 (PDT)
Return-Path: <postmaster@laulima.hawaii.edu>
Received: from mta11.its.hawaii.edu (mta11.its.hawaii.edu [128.171.224.147])
        by mx.google.com with ESMTPS id px6si25354378pbc21420120903203853
        (version=TLSv1/SSLv3 cipher=RC4-MD5);
        Mon, 03 Sep 2012 20:39:00 -0700 (PDT)
Received-SPF: pass (google.com: domain of postmaster@laulima.hawaii.edu designates 128.171.224.58 as permitted sender) client-ip=128.171.224.58
Authentication-Results: mx.google.com; spf=pass (google.com: domain of postmaster@laulima.hawaii.edu designates 128.171.224.58 as permitted sender) smtp.mail=postmaster@laulima.hawaii.edu
MIME-version: 1.0
Content-type: multipart/mixed; boundary=Boundary_(ID_3RY8N2VbJHb4tH5siR1eww)
Received: from pmx11.its.hawaii.edu (pmx11.its.hawaii.edu [128.171.224.58])
        by mta11.its.hawaii.edu (Sun Java(tm) System Messaging Server 6.3-11.01 (built Feb 12 2010; 32bit))
        with ESMTP id <0M9T0071I3GJ4F40@mta11.its.hawaii.edu>;
        Mon, 03 Sep 2012 17:38:45 -1000 (HST)
Received: from kuhi.its.hawaii.edu (kuhi.its.hawaii.edu [12817125223])
        by pmx11.its.hawaii.edu (Postfix) with ESMTP id E587118C023;
        Mon, 03 Sep 2012 17:38:42 -1000 (HST)
Received: from sak24.its.hawaii.edu (sak24.its.hawaii.edu [128.171.225.199])
        by kuhi.its.hawaii.edu (812108126) with ESMTP id q843ccvH023430;
        Mon, 03 Sep 2012 17:38:38 -1000 (HST)
Date: Mon, 03 Sep 2012 17:38:33 -1000 (HST)
From: Dennis Streveler <strev@hawaii.edu>
Cc: strev@hawaii.edu <strev@hawaii.edu>
Message-id: <11298755423101346729913602.JavaMail.sakai@sak24.its.hawaii.edu>
Subject: ICS 101 Help Tuesday lecture -- Everything you THOUGHT you knew about NETWORKS and then some
X-Mailer: sakai-mailsender
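
Reading the Received chain of a header like the one above, as an added example (not part of the slides): it orders the relay hops oldest-first, measures the delay between hops, and reports hops that recorded no TLS or a weak cipher such as the RC4-MD5 seen above. The header in the code is constructed with placeholder hosts and ids, and the function names are this example's own.

```python
import re
from dataclasses import dataclass
from datetime import datetime
from email import message_from_string
from email.utils import parsedate_to_datetime
from typing import List, Optional, Tuple

# Constructed sample modelled on the slide's header. Hosts, ids and addresses
# are placeholders (example.edu, 192.0.2.0/24), not values from the slide.
RAW = """\
Delivered-To: student@example.edu
Received: by 10.0.0.6 with SMTP id aaa111;
        Mon, 3 Sep 2012 20:39:01 -0700 (PDT)
Received: from mta.example.edu (mta.example.edu [192.0.2.147])
        by mx.example.com with ESMTPS id bbb222
        (version=TLSv1/SSLv3 cipher=RC4-MD5);
        Mon, 03 Sep 2012 20:39:00 -0700 (PDT)
Received: from filter.example.edu (filter.example.edu [192.0.2.58])
        by mta.example.edu (Example MTA) with ESMTP id ccc333;
        Mon, 03 Sep 2012 17:38:45 -1000 (HST)
Received: from app.example.edu (app.example.edu [192.0.2.199])
        by filter.example.edu (Postfix) with ESMTP id ddd444;
        Mon, 03 Sep 2012 17:38:38 -1000 (HST)
From: Instructor <instructor@example.edu>
Subject: Tuesday lecture

body
"""

TLS_PROTOCOLS = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA"}  # "with" keywords that mean TLS
WEAK_CIPHER_TOKENS = ("RC4", "MD5", "DES", "NULL", "EXP")


@dataclass
class Hop:
    from_host: Optional[str]
    by_host: Optional[str]
    protocol: Optional[str]
    tls_version: Optional[str]
    cipher: Optional[str]
    when: datetime


def _first(pattern: str, text: str) -> Optional[str]:
    match = re.search(pattern, text)
    return match.group(1) if match else None


def trace(raw: str) -> List[Hop]:
    """Return relay hops oldest-first (each relay prepends its Received line)."""
    hops = []
    for value in message_from_string(raw).get_all("Received", []):
        text = " ".join(value.split())               # unfold continuation lines
        info, _, stamp = text.rpartition(";")        # date follows the last ';'
        stamp = re.sub(r"\([^)]*\)", "", stamp).strip()  # drop "(PDT)" comments
        try:
            when = parsedate_to_datetime(stamp)
        except (TypeError, ValueError):
            continue                                 # skip lines without a usable date
        hops.append(Hop(
            from_host=_first(r"\bfrom\s+(\S+)", info),
            by_host=_first(r"\bby\s+(\S+)", info),
            protocol=_first(r"\bwith\s+(\S+)", info),
            tls_version=_first(r"version=(\S+)", info),
            cipher=_first(r"cipher=([^\s);]+)", info),
            when=when,
        ))
    return hops[::-1]


def delays(hops: List[Hop]) -> List[int]:
    """Seconds between consecutive hops; time zones are normalised by datetime."""
    return [int((b.when - a.when).total_seconds()) for a, b in zip(hops, hops[1:])]


def findings(hops: List[Hop]) -> List[Tuple[Optional[str], str]]:
    """Flag hops that recorded no TLS, or TLS with a weak cipher."""
    out = []
    for hop in hops:
        if (hop.protocol or "").upper() not in TLS_PROTOCOLS:
            out.append((hop.by_host, "no-tls"))
        elif hop.cipher and any(t in hop.cipher.upper() for t in WEAK_CIPHER_TOKENS):
            out.append((hop.by_host, "weak-cipher"))
    return out


if __name__ == "__main__":
    chain = trace(RAW)
    for hop in chain:
        print(hop.when.isoformat(), hop.from_host, "->", hop.by_host, hop.protocol, hop.cipher)
    print("delays (s):", delays(chain))
    print("findings:", findings(chain))
```

Each Received line is written by the relay that added it, so only the lines added by servers you trust are reliable evidence.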
18
Applications: HTTP

• Hyper-Text Transfer Protocol (port 80)
• Request-response protocol
• When http://www2.hawaii.edu/~lipyeow/index.html is entered into a web browser (http client)

GET /~lipyeow/index.html HTTP/1.1
host: www2.hawaii.edu

HTTP/1.1 200 OK
Date: Sun, 02 Sep 2012 00:35:40 GMT
Server: Apache
Last-Modified: Tue, 21 Aug 2012 01:27:18 GMT
ETag: "7d3e8-2950-4c7bc86e86980"
Accept-Ranges: bytes
Content-Length: 10576
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML>

[Figure: HTTP client and HTTP server, each with an HTTP / Transport (TCP) / Internet (IPv4) / Link stack, joined by the Internet]
19
Internet Security

• All data transmitted on the network using the protocols described thus far are in plaintext
• Anyone with access to the physical network link can snoop on the bit sequences and decode according to the protocol stack
• Anyone can read your emails if he/she has access to a link on which your email packets are transmitted
• Use encrypted connections, e.g. SSL/TLS
20
Secure HTTP -- HTTPS

• Use HTTP over an SSL/TLS layer (port 443)
• Negotiate a stateful encrypted connection to carry the HTTP messages
• Use a trusted 3rd party (CA) to verify identity
• Use public key handshake to establish a session key
• Encrypt subsequent messages using session key

[Figure: HTTPS client and HTTPS server, each with an HTTP / SSL/TLS / Transport (TCP) / Internet (IPv4) / Link stack, and a Certificate Authority. Labels: certificate, verify certificate, session key, HTTP messages]
21
Worksheet Questions

1. Packets are the unit of transfer between two communicating nodes. Name two fields in a packet format.
2. Recall the TCP/IP 4-layer model. Name one possible protocol/technology at the link layer.
- ICS 101 Fall 2013 Networking and the Internet
- Problem
- LOTR Beacon of Gondor
- Modern Computer Networks
- Quiz 1
- Quiz 2
- Local Area Networks
- Data Packet
- Network Abstractions
- TCPIP Four Layer Model
- Link Layer
- Internet Layer
- IPv4 Addresses amp Domain Name Service
- IPv4 amp Inter-network Routing
- Transport Layer
- Applications Email
- Sample Email Header
- Applications HTTP
- Internet Security
- Secure HTTP -- HTTPS
- Worksheet Questions
-
14
IPv4 amp Inter-network Routing
For routersbull Examine destination IP addressbull Look up routing tables to determine outgoing networkbull Pass packet to link layer of that outgoing networkbull Best effort delivery ndash no guarantees
11262013 Lipyeow Lim -- University of Hawaii at Manoa
Application
Transport
Internet
LinkInternet
Link
Ethernet Network
Internet
Link
Application
Transport
Internet
Link
Ethernet NetworkFibre Network
host host
RouterRouter
15
Transport Layer
TCP provides a reliable communication channel between two host applications by addressing several issues
bull Data packets arriving out of orderbull Data packets are corruptedbull Same packets arriving more than oncebull Some packets are lostdiscardedbull Traffic congestion control
11262013 Lipyeow Lim -- University of Hawaii at Manoa
Application
Transport
Internet
Link
Application
Transport
Internet
Link
Physical Network
bull Eg TCP (connection-oriented) UDPbull End-to-end message transfer between
hosts applicationsbull Each application on a host is associated
with a port numberbull IP address + port number will identify an
application end-point
16
Applications Email
bull Your email client program downloads incoming emails from mail server (imapgmailcom popgmailcom)
bull Outgoing emails are sent to mail server (smtpgmailcom)bull Mail servers handle the routing of emails using SMTP protocol which
operates on port 25 or 587ndash Lookup IP address of destination hostname in the email address using DNSndash Relaying email as packets to that IP address
11262013 Lipyeow Lim -- University of Hawaii at Manoa
POPIMAPSMTP
Transport TCP
Internet IPv4
Link
POPIMAPSMTP
Transport TCP
Internet IPv4
Link
Network
Mail Server Mail Server
Network Internet
POPIMAPSMTP
Transport TCP
Internet IPv4
Link
POPIMAPSMTP
Transport TCP
Internet IPv4
Link
Mail Client Mail Client
17
Sample Email Header
Delivered-To: strevguhrelayhawaiiedu
Received: by 10581456 with SMTP id sq6csp687725veb;
        Mon, 3 Sep 2012 20:39:01 -0700 (PDT)
Received: by 106812938 with SMTP id nt6mr43102232pbb761346729940698;
        Mon, 03 Sep 2012 20:39:00 -0700 (PDT)
Return-Path: <postmaster@laulima.hawaii.edu>
Received: from mta11.its.hawaii.edu (mta11.its.hawaii.edu [128.171.224.147])
        by mx.google.com with ESMTPS id px6si25354378pbc21420120903203853
        (version=TLSv1/SSLv3 cipher=RC4-MD5);
        Mon, 03 Sep 2012 20:39:00 -0700 (PDT)
Received-SPF: pass (google.com: domain of postmaster@laulima.hawaii.edu
        designates 128.171.224.58 as permitted sender) client-ip=128.171.224.58
Authentication-Results: mx.google.com; spf=pass (google.com: domain of
        postmaster@laulima.hawaii.edu designates 128.171.224.58 as permitted sender)
        smtp.mail=postmaster@laulima.hawaii.edu
MIME-version: 1.0
Content-type: multipart/mixed; boundary=Boundary_(ID_3RY8N2VbJHb4tH5siR1eww)
Received: from pmx11.its.hawaii.edu (pmx11.its.hawaii.edu [128.171.224.58])
        by mta11.its.hawaii.edu (Sun Java(tm) System Messaging Server 63-1101
        (built Feb 12 2010 32bit)) with ESMTP id <0M9T0071I3GJ4F40@mta11.its.hawaii.edu>;
        Mon, 03 Sep 2012 17:38:45 -1000 (HST)
Received: from kuhi.its.hawaii.edu (kuhi.its.hawaii.edu [12817125223])
        by pmx11.its.hawaii.edu (Postfix) with ESMTP id E587118C023;
        Mon, 03 Sep 2012 17:38:42 -1000 (HST)
Received: from sak24.its.hawaii.edu (sak24.its.hawaii.edu [128.171.225.199])
        by kuhi.its.hawaii.edu (812108126) with ESMTP id q843ccvH023430;
        Mon, 03 Sep 2012 17:38:38 -1000 (HST)
Date: Mon, 03 Sep 2012 17:38:33 -1000 (HST)
From: Dennis Streveler <strev@hawaii.edu>
Cc: strev@hawaii.edu <strev@hawaii.edu>
Message-id: <11298755423101346729913602.JavaMail.sakai@sak24.its.hawaii.edu>
Subject: ICS 101 Help Tuesday lecture -- Everything you THOUGHT you knew
        about NETWORKS and then some
X-Mailer: sakai-mailsender
18
Applications: HTTP
• Hyper-Text Transfer Protocol (port 80)
• Request-response protocol
• When http://www2.hawaii.edu/~lipyeow/index.html is entered into a web browser (http client)
[Figure: HTTP client and HTTP server stacks (HTTP, Transport TCP, Internet IPv4, Link) connected through the Internet, exchanging the request and response below]

GET /~lipyeow/index.html HTTP/1.1
host: www2.hawaii.edu

HTTP/1.1 200 OK
Date: Sun, 02 Sep 2012 00:35:40 GMT
Server: Apache
Last-Modified: Tue, 21 Aug 2012 01:27:18 GMT
ETag: "7d3e8-2950-4c7bc86e86980"
Accept-Ranges: bytes
Content-Length: 10576
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML>
19
Internet Security
• All data transmitted on the network using the protocols described thus far are in plaintext
• Anyone with access to the physical network link can snoop on the bit sequences and decode according to the protocol stack
• Anyone can read your emails if he/she has access to a link on which your email packets are transmitted
• Use encrypted connections, e.g. SSL/TLS
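An added example (not part of the original slides) that ties the sample email header to the points above: it reads the chain of Received headers and reports, hop by hop, whether the relay recorded an encrypted transfer and whether the recorded SSL/TLS version or cipher is a weak one. The message below is constructed for the example and uses placeholder hosts; the `audit_hops` name and the status labels are assumptions of this sketch.

```python
import re
from email import message_from_string

# Constructed sample modelled on the slide's header. Hosts and addresses are
# placeholders (example.org / example.net, 192.0.2.0/24), not real systems.
RAW = """\
Received: by 10.0.0.2 with SMTP id abc123;
        Mon, 03 Sep 2012 20:39:01 -0700 (PDT)
Received: from mta.example.org (mta.example.org [192.0.2.147])
        by mx.example.net with ESMTPS id def456
        (version=TLSv1/SSLv3 cipher=RC4-MD5);
        Mon, 03 Sep 2012 20:39:00 -0700 (PDT)
Received: from filter.example.org (filter.example.org [192.0.2.58])
        by mta.example.org (Postfix) with ESMTP id 0A1B2C3D;
        Mon, 03 Sep 2012 17:38:45 -1000 (HST)
Received: from app.example.org (app.example.org [192.0.2.199])
        by filter.example.org with ESMTP id q843ccvH;
        Mon, 03 Sep 2012 17:38:38 -1000 (HST)
From: Sender <sender@example.org>
To: rcpt@example.net
Subject: constructed test message

body
"""

# "with" keywords that record TLS on a hop (registered by RFC 3848).
TLS_PROTOCOLS = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA"}
WEAK_VERSIONS = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}
WEAK_CIPHER_PARTS = ("RC4", "MD5", "DES", "NULL", "EXPORT")


def audit_hops(raw):
    """Return one dict per relay hop, oldest hop first."""
    hops = []
    # Each relay prepends its own Received line, so reverse for time order.
    for value in reversed(message_from_string(raw).get_all("Received", [])):
        text = " ".join(value.split())           # unfold continuation lines
        sender = re.match(r"from\s+(\S+)", text)
        by = re.search(r"\bby\s+(\S+)", text)
        proto = re.search(r"\bwith\s+([A-Za-z0-9]+)", text)
        tls = re.search(r"version=(\S+)\s+cipher=([^\s);]+)", text)
        proto = proto.group(1).upper() if proto else "UNKNOWN"
        version, cipher = tls.groups() if tls else (None, None)

        if proto not in TLS_PROTOCOLS:
            status = "plaintext-or-unknown"      # no TLS recorded for this hop
        elif tls and (set(version.split("/")) & WEAK_VERSIONS
                      or any(p in cipher.upper() for p in WEAK_CIPHER_PARTS)):
            status = "encrypted-weak"
        else:
            status = "encrypted"
        hops.append({
            "from": sender.group(1) if sender else None,
            "by": by.group(1) if by else None,
            "protocol": proto,
            "version": version,
            "cipher": cipher,
            "status": status,
        })
    return hops


if __name__ == "__main__":
    for hop in audit_hops(RAW):
        print(hop["from"], "->", hop["by"], hop["protocol"], hop["status"])
```

Received lines written by relays outside your own infrastructure are claims made by those relays and can be forged, so only the lines added by servers you operate are reliable evidence.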
20
Secure HTTP -- HTTPS
• Use HTTP over a SSL/TLS layer (port 443)
• Negotiate a stateful encrypted connection to carry the HTTP messages
• Use a trusted 3rd party (CA) to verify identity
• Use public key handshake to establish a session key
• Encrypt subsequent messages using session key
[Figure: HTTPS client and HTTPS server stacks (HTTP, SSL/TLS, Transport TCP, Internet IPv4, Link) with a Certificate Authority; arrows labelled "certificate", "verify certificate", "session key" and "HTTP messages"]
21
Worksheet Questions
1. Packets are the unit of transfer between two communicating nodes. Name two fields in a packet format.
2. Recall the TCP/IP 4-layer model. Name one possible protocol/technology at the link layer.
- ICS 101 Fall 2013 Networking and the Internet
- Problem
- LOTR Beacon of Gondor
- Modern Computer Networks
- Quiz 1
- Quiz 2
- Local Area Networks
- Data Packet
- Network Abstractions
- TCP/IP Four Layer Model
- Link Layer
- Internet Layer
- IPv4 Addresses & Domain Name Service
- IPv4 & Inter-network Routing
- Transport Layer
- Applications: Email
- Sample Email Header
- Applications: HTTP
- Internet Security
- Secure HTTP -- HTTPS
- Worksheet Questions