Broadband Internet / Next-Generation Internet

Network architecture

Jordi Domingo Pascual, ETSETB UPC

CENTRE DE COMUNICACIONS AVANÇADES DE BANDA AMPLA, UNIVERSITAT POLITÈCNICA DE CATALUNYA

Academic year 2009/10

Broadband Internet, distributed course (ETSETB, ETSITM and ETSITV), February-June 2010

Contents

Organization of the network

Network architecture

New trends in network architecture


IANA

The Internet Assigned Numbers Authority (IANA) is the body responsible for coordinating some of the key elements that keep the Internet running smoothly. Whilst the Internet is renowned for being a worldwide network free from central coordination, there is a technical need for some key parts of the Internet to be globally coordinated – and this coordination role is undertaken by IANA.

IANA Activities

Domain Names: IANA manages the DNS root, the .int and .arpa domains, and an IDN practices resource.

Number Resources: IANA coordinates the global pool of IP and AS numbers, providing them to Regional Internet Registries.

Protocol Assignments: Internet protocols’ numbering systems are managed by IANA in conjunction with standards bodies.

IANA organization

Regional Internet Registry (RIR)

National Internet Registry (NIR)

Local Internet Registry (LIR)

RIRs:

AfriNIC: Africa Region

APNIC: Asia/Pacific Region

ARIN: North America Region

LACNIC: Latin America and some Caribbean Islands

RIPE NCC: Europe, the Middle East, and Central Asia

Domain Names

country code top-level domains (ccTLD): Used by a country or a dependent territory. It is two letters long, for example .us for the United States. With some historical exceptions, the code for any territory is the same as its two-letter ISO 3166 code.

generic top-level domains (gTLD): Used by a particular class of organizations (for example, .com for commercial organizations). It is three or more letters long. Most gTLDs are available for use worldwide, but for historical reasons .mil (military) and .gov (governmental) are restricted to use by the respective U.S. authorities. gTLDs are subclassified into sponsored top-level domains (sTLD), e.g. .aero, .coop and .museum, and unsponsored top-level domains (uTLD), e.g. .biz, .info, and .name.

infrastructure top-level domains (iTLD): The top-level domains .arpa, .int, .root.

http://www.iana.org/domains/root/db/

Internet Numbers (addresses)

Users are assigned IP addresses by Internet service providers (ISPs). ISPs obtain allocations of IP addresses from a local Internet registry (LIR) or national Internet registry (NIR), or from their appropriate Regional Internet Registry (RIR).

IPv4: http://www.iana.org/assignments/ipv4-address-space

IPv6: http://www.iana.org/assignments/ipv6-address-space

Protocol Numbers

IANA is responsible for maintaining many of the codes and numbers contained in a variety of Internet protocols, enumerated below. We provide this service in coordination with the Internet Engineering Task Force (IETF).

Address Family Numbers

Address Resolution Protocol (ARP) Parameters

Autonomous System (AS) Numbers

http://www.iana.org/protocols/

http://www.iana.org/assignments/as-numbers

Autonomous Systems

AS relationships

The relationships between these networks are generally described by one of the following three categories:

Transit - You pay money (or settlement) to another network for Internet access (or transit).

Peer (or swap) - Two networks exchange traffic between each other's customers freely, and for mutual benefit.

Customer (or sell) - Another network pays you money to provide them with Internet access.

Hierarchical Organization

Tier 1 - A network that can reach every other network on the Internet without purchasing IP transit.

Tier 2 - A network that peers with some networks, but still purchases IP transit to reach at least some portion of the Internet.

Tier 3 - A network that solely purchases transit from other networks to reach the Internet.
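
An added example, not part of the original slides: classifying ASes into the three tiers above from a list of transit and peering relationships. It assumes the usual export rule that a peer gives access only to its own customer cone; the AS numbers (private-use range), the sample topology and the label "partial" are constructed for the example.

```python
from collections import defaultdict

# Constructed sample topology (not from the slides). ASNs are private-use.
# TRANSIT holds (customer, provider) pairs; PEERS holds settlement-free pairs.
TRANSIT = [(64520, 64512), (64521, 64513), (64530, 64520),
           (64531, 64520), (64531, 64521), (64540, 64514)]
PEERS = [(64512, 64513), (64512, 64514), (64513, 64514), (64520, 64521)]


def build(transit, peers):
    """Index the relationship lists by AS."""
    customers, providers, peer_of = defaultdict(set), defaultdict(set), defaultdict(set)
    for cust, prov in transit:
        customers[prov].add(cust)
        providers[cust].add(prov)
    for a, b in peers:
        peer_of[a].add(b)
        peer_of[b].add(a)
    ases = set(customers) | set(providers) | set(peer_of)
    return ases, customers, providers, peer_of


def customer_cone(asn, customers):
    """The AS itself plus every AS reachable by following customer links down."""
    cone, stack = {asn}, [asn]
    while stack:
        for cust in customers.get(stack.pop(), ()):
            if cust not in cone:
                cone.add(cust)
                stack.append(cust)
    return cone


def transit_free_reach(asn, customers, peer_of):
    """ASes reachable without paying: own cone plus each peer's cone.

    Assumption: a peer announces only its own customers' routes, so peering
    gives access to the peer's customer cone and nothing beyond it.
    """
    reach = customer_cone(asn, customers)
    for peer in peer_of.get(asn, ()):
        reach |= customer_cone(peer, customers)
    return reach


def classify(transit, peers):
    """Map each AS to 'tier1', 'tier2', 'tier3' or 'partial' (hypothetical label)."""
    ases, customers, providers, peer_of = build(transit, peers)
    tiers = {}
    for asn in sorted(ases):
        if providers.get(asn):
            # Buys transit: Tier 2 if it also peers, Tier 3 if it only buys.
            tiers[asn] = "tier2" if peer_of.get(asn) else "tier3"
        elif transit_free_reach(asn, customers, peer_of) == ases:
            tiers[asn] = "tier1"
        else:
            # Buys no transit yet cannot reach everyone: not Tier 1.
            tiers[asn] = "partial"
    return tiers


if __name__ == "__main__":
    print(classify(TRANSIT, PEERS))
    # Removing one peering between two transit-free networks partitions them.
    print(classify(TRANSIT, [p for p in PEERS if p != (64513, 64514)]))
```

With the full peering mesh the three transit-free networks come out as Tier 1; dropping the single peering between 64513 and 64514 leaves both unable to reach each other's customers, so neither meets the Tier 1 definition any more.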

Motivations for peering

Increased capacity for extremely large amounts of traffic (distributing traffic across many networks).

Increased control over your traffic (reducing dependence on one or more transit providers).

Improved performance (attempting to bypass potential bottlenecks with a "direct" path).

Improved perception of your network (being able to claim a "higher tier").

Government regulations, or the desire to avoid the appearance of being a monopoly.

Exchange Points

An Internet exchange point (IX or IXP) is a physical infrastructure that allows different Internet service providers (ISPs) to exchange traffic between their networks (autonomous systems) by means of mutual peering agreements, which allow traffic to be exchanged without cost.

European Internet Exchange Association http://www.euro-ix.net/

Espanix (Spanish neutral exchange point) http://www.espanix.net/

Internet Requirements

Internetworking: existing networks must be interconnected.

Robustness: Internet communication must continue despite loss of networks or [routers].

Heterogeneity: The Internet architecture must accommodate a variety of networks.

Distributed management: The Internet architecture must permit distributed management of its resources.

Cost: The Internet architecture must be cost effective.

Ease of Attachment: The Internet architecture must permit host attachment with a low level of effort.

Accountability: The resources used in the internet architecture must be accountable.

Network Architecture

Network architecture is a set of high-level design principles that guides the technical design of the network, especially the engineering of its protocols and algorithms.

Internet Architecture Principles

A connectionless packet-forwarding infrastructure (“dumb network”) that positioned higher-level functionality at the edge of the network for robustness.

A single least-common-denominator data delivery service at the internetwork layer, with different end-to-end services implemented in the transport (or application) layer above. This design supports both reliable stream and (unreliable) datagram service across the same connectionless infrastructure.

Addresses that are fixed-size numerical quantities, with a simple (net, host) hierarchy.

Addresses that are applied to physical network interfaces, which can therefore be overloaded for both naming a node and for routing to it.

Internet evolution

Continuous, gradual evolution

1974-1980: TCP/IP separation

1980-1990: DNS, AS, CIDR, IGP/EGP: organization of the network structure

1990s: TCP congestion control

New functions: multicast, mobility (MIP), QoS (IntServ, DiffServ), security (IPSec)

More functions: firewalls, NAT, web caches, VPN, IPv6

Ossified architecture

IP

Complexity: MobileIP, Mcast, IPSEC, tunneling

TCP

All traffic must be “TCP friendly”

Avoid UDP or any other protocol

Network operation (performance) depends on TCP

TCP was designed for unreliable, low-speed, short-distance communications

Do not modify TCP!

BGP

Network stability depends on BGP

Growth in the size of BGP tables

Does not provide for alternative paths or route selection (QoS, TE)

Very complex configuration for additional functions (error-prone)

Do not modify BGP!

Questioned architecture

NAT

Relieves the shortage of IPv4 addresses

Does not respect the end-to-end principle

Prevents end-to-end communications (P2P)

Widespread use of NATs as a protection element (single point of access to the network)

IPSEC

End-to-end encryption

Hides the transport protocols (ports) from the ISPs

Firewall

Does not respect the end-to-end principle

“Ad hoc” configurations

Label Switching (MPLS)

Unifies below IP but is independent of IP routing

Undesired relations

NAT devices are incompatible with IPSEC encryption. This makes deployment of good network security at an appropriate level almost impossible.

Transparent web caches are incompatible with Secure Sockets Layer (SSL) or IPSEC authentication.

Diagnostic tools such as traceroute often give misleading results because some traffic is being intercepted by transparent network entities such as web caches.

NAT devices need to look inside control protocols such as the FTP control channel to modify addresses and ports that are specified.

Deployment of new application protocols is made difficult by firewalls, with the result that new protocols are sometimes tunneled over inappropriate existing protocols to allow firewall traversal.
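
The FTP case from the list above, as an added example that is not part of the original slides: a toy model of a NAT's FTP helper rewriting the PORT command, showing that the payload length changes and that an encrypted control channel leaves the helper nothing to rewrite. The class FtpAlg, the addresses, the sample payloads and the source-address check are assumptions made for the example.

```python
import re

# FTP active mode: "PORT h1,h2,h3,h4,p1,p2" where port = p1 * 256 + p2.
PORT_RE = re.compile(rb"PORT (\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\r\n")


class FtpAlg:
    """Toy model of the FTP helper inside a NAT (hypothetical class)."""

    def __init__(self, public_ip, first_port=50000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.mappings = {}  # public port -> (inside ip, inside port)

    def rewrite(self, src_ip, payload):
        """Return (new_payload, length_delta) for one control-channel segment."""
        m = PORT_RE.fullmatch(payload)
        if m is None:
            return payload, 0  # not a PORT command, or the payload is opaque
        nums = [int(g) for g in m.groups()]
        if any(n > 255 for n in nums):
            return payload, 0  # malformed fields: pass through untouched
        inside_ip = ".".join(str(n) for n in nums[:4])
        inside_port = nums[4] * 256 + nums[5]
        if inside_ip != src_ip:
            # Added check: only open a mapping towards the host that sent the
            # command, never towards another inside address it names.
            return payload, 0
        public_port = self.next_port
        self.next_port += 1
        self.mappings[public_port] = (inside_ip, inside_port)
        fields = self.public_ip.split(".") + [str(public_port >> 8), str(public_port & 0xFF)]
        new_payload = b"PORT " + ",".join(fields).encode("ascii") + b"\r\n"
        # A non-zero delta means the NAT must also shift TCP sequence and
        # acknowledgement numbers for the rest of the connection.
        return new_payload, len(new_payload) - len(payload)


# Constructed samples: a cleartext PORT, a PORT naming another inside host,
# and opaque bytes standing in for an encrypted control channel.
CLEAR = b"PORT 192,168,1,10,19,137\r\n"
FOREIGN = b"PORT 192,168,1,99,0,22\r\n"
OPAQUE = bytes.fromhex("17030300151f8b6e02c4a9d0")


def demo():
    """Run the three samples through one helper; return results and mappings."""
    alg = FtpAlg("203.0.113.7")
    results = [alg.rewrite("192.168.1.10", p) for p in (CLEAR, FOREIGN, OPAQUE)]
    return results, alg.mappings


if __name__ == "__main__":
    print(demo())
```

Only the cleartext command is rewritten and mapped; the opaque payload passes through with the private address still inside it, which is why the data connection then fails behind the NAT.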

Main current problems

Security:

Viruses, worms, spam, phishing

Denial-of-service (DoS) attacks

AAAA complexity

Fragility:

Frequent equipment failures and unpredictable behaviour (BGP convergence)

Reliability:

Unpredictable recovery in case of catastrophe

Lack of planning for reliability

Duplication of functions across layers (“cross-layer”)

Support for mobile terminals:

Anywhere, anytime connected

Multi-homed mobile devices (V/H handover)

Support for data transport (not audio/video):

Multimedia (Future Media Internet)

P2P vs client/server (User Centric Internet)

Not suited to large flows (TCP control loop):

HDTV, SHD VoD, 3D HDV, simulation models

Quality of service (guarantees):

Business model for QoS support

Scalability:

Sensor networks (Internet of Things)

Sustainable economic model:

Pricing

Network neutrality

Requirements

Robust and available. The network should be as robust, fault-tolerant and available as the wire-line telephone network is today.

Support mobile end-hosts. Laptops, Wi-Fi and cellular telephones make mobility commonplace, rather than an exception. A new Internet should support mobility (and all the associated security, naming, routing and privileges) as seamlessly as it supports wired end-hosts today. It should also support future small sensor and ad-hoc networks, as well as RFID.

Inherently secure. The network should be built on the premise that security is a must, and it should be protected from denial of service attacks. While it might be impractical and unwise to build a network that is completely impervious to attack – after all, end-hosts are complex and under human control – the network should be secure enough for critical applications such as finance and banking, air-traffic control, and military communications.

Predictable. The user should know what to expect from the network, and it should provide predictable and repeatable service. This might include guarantees on timely delivery of time-critical data, or guarantees that enough capacity is available when needed.

Economically viable and profitable. The network should be profitable for those who provide service and build equipment, and – if necessary – be coupled with suitable regulation to create competition and incentives for improvement.

Evolvable. The network architecture should pre-suppose that it will change and evolve over time – perhaps at the very lowest level. Its architecture and service model should not ossify and stifle improvement.

Support anonymity where prudent, and accountability where necessary.

Areas of Research

Network Architecture

Heterogeneous Applications

Heterogeneous Physical Layers

Security

Economics and Policy

New Network Architecture

Rethink design philosophy that makes the Internet “smart” at the edges and “dumb” in the middle.

Some innovation so far:

Overlay networks

MPLS

Virtualization

Flows as first-class citizens. Perhaps replacing the packet as the predominant unit for manipulation inside switches and routers.

Network addressing. Internet addresses identify a physical network interface. Instead, can addressing be made more intuitive, referring to services and people, rather than physical interfaces?

Routing protocols. How can we simplify routing protocols and make them more reliable and stable?

Dynamic circuit switching. If the core of the network is to benefit from high capacity all-optical switching, then should we deploy dynamic circuit switching? If so, how?

Backbone design. Today, backbone networks are hugely over-provisioned. Can they be designed more efficiently, to be tolerant to failure, and predictable throughout their lifetime?

Cross-layer design. While we recognize the power of layering in network design, it has inevitable inefficiencies. We will explore where interfaces belong, and what services each layer should provide.

Models of the end-to-end principle. Can we capture the costs and utility of the end-to-end principle in a mathematical model (analogous, say, to the successful "price of anarchy" program, which considered the cost of source routing based on delay information)?

Network virtualization. Is it possible to create a network infrastructure that is continuously evolvable?

Exploiting structure. Can we exploit the way in which networks are used, and their inherent structure? For example, it seems likely that tree-like access networks (optical, electrical, wireless and hybrids) will persist, interconnected by a richly connected core.

Heterogeneous Applications

Maximum utility resource allocation. What are the right notions of fairness for heterogeneous applications?

Application-aware congestion control.

Multi-path source routing.

Flexible transport service.

Multicast and anycast transport.

Benefits of flow-based network design.

Location-based services.

Heterogeneous Physical Layers

Optical Internet.

Impact of CMOS scaling.

Wireless Internet. Intrinsic mobility, interference between users, broadcast capabilities, and dynamically changing link performance and network topology.

Mobility support.

Ad hoc networks.

Resource allocation in heterogeneous networks.

Security

Block malware from spreading.

Identify compromised hosts in case malware does spread.

Quarantine compromised hosts until they are fixed.

Economics and Policy

High level market structure.

Investment costs.

Regulation.

Demand.

Low level economic primitives.

Packet-based and flow-based value identification.

Contractual granularity.

Incentive compatibility.

Wireless spectrum allocation.
