Network and Network Security Summary CHoogteijling
Computer Networking - A Top Down Approach 7th
Contents
1 Computer Networks and the Internet
1.1 What is the Internet?
1.2 The Network Edge
1.3 The Network Core
1.4 Delay, Loss and Throughput
1.5 Protocol layers and their service model
1.6 Networks under attack
1.7 History of Computer Networking
2 Application Layer
2.1 Principle of Network Applications
2.2 The Web and HTTP
2.3 Electronic Mail in the Internet
2.4 DNS - The Internet’s Directory Service
2.5 Peer-to-Peer File Distribution
2.6 Video Streaming and Content Distribution Networks
2.7 Socket Programming: Creating Network Applications
3 Transport Layer
3.1 Introduction and Transport-Layer Services
3.2 Multiplexing and Demultiplexing
3.3 Connectionless Transport: UDP
3.5 Connection-Oriented Transport: TCP
3.6 Principles of Congestion Control
3.7 TCP Congestion Control
4 The Network Layer: Data Plane
4.1 Overview of Network Layer
4.2 What’s Inside a Router?
4.3 The Internet Protocol (IP): IPv4, Addressing, IPv6, and More
4.4 Generalized Forwarding and SDN
5 The Network Layer: Control Plane
5.1 Introduction
5.2 Routing Algorithms
5.3 Intra-AS Routing in the Internet: OSPF
5.4 Routing Among the ISPs: BGP
5.5 The SDN Control Plane
5.6 ICMP: The Internet Control Message Protocol
6 The Link Layer and LANs
6.1 Introduction to the Link Layer
6.3 Multiple Access Links and Protocols
6.4 Switched Local Area Networks
7 Wireless and Mobile Networks
7.1 Introduction
7.2 Wireless Links and Network Characteristics
7.3 WiFi: 802.11 Wireless LANs
7.5 Mobility Management: Principles
7.6 Mobile IP
8 Security in Computer Networks
8.1 What Is Network Security?
8.2 Principles of Cryptography
8.3 Message Integrity and Digital Signatures
8.5 Securing E-Mail
8.6 Securing TCP Connections: SSL
8.7 Network-Layer Security: IPsec and Virtual Private Networks
8.8 Securing Wireless LANs
8.9 Operational Security: Firewalls and Intrusion Detection Systems
9 Multimedia Networking
9.1 Multimedia Networking Applications
9.2 Streaming Stored Video
9.5 Network Support for Multimedia
In the text you will find references to the figures in the book. This is for the 7th edition of
the book Computer Networking A Top Down Approach by Kurose and Ross. The figures
are useful for understanding the subjects.
1 Computer Networks and the Internet
1.1 What is the Internet?
1.1.1 A Nuts-and-Bolts Description
The Internet is a computer network that connects billions of computing devices around the
world. Hosts, or end systems, are the devices that connect to the Internet. Communication
links and packet switches connect the end systems to each other. Packets are the data that
is sent over these links. The transmission rate is the number of bits per second that can
travel over a link.
A packet switch collects a packet arriving on its incoming communication link and forwards
the packet on its outgoing communication link. A router is a packet switch mostly used in
the network core. A link-layer switch is a packet switch mostly used in access networks. A
route, or path, is the sequence of communication links and packet switches traversed by a
packet from the sending end system to the receiving end system.
An Internet Service Provider (ISP) is a system through which end systems access the
Internet. It provides a variety of types of network access, such as DSL, and mobile wireless
access. All ISPs in the Internet are interconnected and have a hierarchical structure. Each
ISP network is managed independently, runs the IP protocol, and conforms to certain
naming and address conventions.
All pieces of the Internet run protocols that control the sending and receiving of information
within the Internet, such as the Transmission Control Protocol (TCP), and the Internet
Protocol (IP).
The requests for comments (RFCs) are the Internet standards that are developed by the
Internet Engineering Task Force (IETF). They describe what each and every protocol does,
so that people can create systems and products that interoperate. The IEEE 802 LAN/MAN
Standards Committee specifies the Ethernet and wireless WiFi standards.
1.1.2 A Services Description
Distributed applications are applications that involve multiple end systems that exchange
data with each other. A socket interface specifies how a program running on one end system
asks the Internet infrastructure to deliver data to a specific destination program running on
another end system.
1.1.3 What Is a Protocol?
Network Protocols
A protocol defines the format and the order of messages exchanged between two or more
communicating entities, as well as the actions taken on the transmission and/or receipt of a
message or other event. All activity in the Internet that involves two or more communicating
remote entities is governed by a protocol.
1.2 The Network Edge
Hosts are sometimes divided into clients and servers, where a client can be a desktop and a
server can be a data center.
1.2.1 Access Networks
See figure 1.4 Access networks in the book Computer Networking A Top Down Approach
by Kurose and Ross 7th edition.
Home Access: DSL, Cable, FTTH, Dial-Up, and Satellite
A digital subscriber line (DSL) carries data and telephone signals over the telephone line
simultaneously, but at different frequencies:
• A high-speed downstream channel, in the 50 kHz to 1 MHz band.
• A medium-speed upstream channel, in the 4 kHz to 50 kHz band.
• A two-way telephone channel, in the 0 to 4 kHz band.
Cable Internet access makes use of the cable television company’s cable television
infrastructure. It is a shared broadcast medium: every packet sent by the head end travels
downstream on every link to every home, and every packet sent by a home travels on the
upstream channel to the head end.
Fiber to the home (FTTH) provides an optical fiber path from the CO directly to the home.
It can provide Internet access rates in the gigabits per second range.
A satellite link or dial-up access can be used in locations where DSL, cable, and FTTH are
not available, but they are extremely slow in comparison.
Access in the Enterprise (and the Home): Ethernet and WiFi
A local area network (LAN) is used to connect an end system to the edge router. Ethernet
is the most prevalent access technology in corporate, university, and home networks.
In a wireless LAN, users transmit and receive packets on an access point that is connected
into the enterprise’s network, which is connected to the wired Internet. It is based on IEEE
802.11 technology, also known as WiFi.
1.2.2 Physical Media
Physical media fall into two categories: guided media and unguided media. With guided media,
the waves are guided along a solid medium. With unguided media, the waves propagate in
the atmosphere and in outer space.
Twisted-Pair Copper Wire
Twisted pair copper wire is the least expensive and most commonly used guided transmission
medium. It consists of two insulated copper wires arranged in a regular spiral pattern.
They are twisted together to reduce the electrical interference from similar pairs close by.
Unshielded twisted pair (UTP) is commonly used for computer networks within a building.
It can achieve data rates of 10 Gbps.
Coaxial Cable
Coaxial cable consists of two copper conductors that are concentric. It is commonly used in
cable television systems and can be used as a guided shared medium.