8/10/2019 Iba-Ing Arquitectura Red
Broadband Internet, distributed course (ETSETB, ETSITM and ETSITV)
February-June 2010
CENTRE DE COMUNICACIONS AVANÇADES DE BANDA AMPLA
UNIVERSITAT POLITÈCNICA DE CATALUNYA
Academic year 2009/10
Broadband Internet
Next Generation Internet
Network Architecture
Jordi Domingo Pascual
ETSETB UPC
Contents
Network organization
Network architecture
New trends in network architecture
IANA
The Internet Assigned Numbers Authority (IANA) is the body responsible for coordinating some of the key elements that keep the Internet running smoothly. Whilst the Internet is renowned for being a worldwide network free from central coordination, there is a technical need for some key parts of the Internet to be globally coordinated and this coordination role is undertaken by IANA.
IANA Activities
Domain Names: IANA manages the DNS root, the .int and .arpa domains, and an IDN practices resource.
Number Resources: IANA coordinates the global pool of IP and AS numbers, providing them to Regional Internet Registries.
Protocol Assignments: Internet protocols' numbering systems are managed by IANA in conjunction with standards bodies.
IANA organization
Regional Internet Registry (RIR)
National Internet Registry (NIR)
Local Internet Registry (LIR)
RIRs:
  AfriNIC: Africa Region
  APNIC: Asia/Pacific Region
  ARIN: North America Region
  LACNIC: Latin America and some Caribbean Islands
  RIPE NCC: Europe, the Middle East, and Central Asia
Domain Names
country code top-level domains (ccTLD): Used by a country or a dependent territory. It is two letters long, for example .us for the United States. With some historical exceptions, the code for any territory is the same as its two-letter ISO 3166 code.
generic top-level domains (gTLD): Used by a particular class of organizations (for example, .com for commercial organizations). It is three or more letters long. Most gTLDs are available for use worldwide, but for historical reasons .mil (military) and .gov (governmental) are restricted to use by the respective U.S. authorities. gTLDs are subclassified into sponsored top-level domains (sTLD), e.g. .aero, .coop and .museum, and unsponsored top-level domains (uTLD), e.g. .biz, .info, and .name.
infrastructure top-level domains (iTLD): The top-level domains .arpa, .int, .root.
http://www.iana.org/domains/root/db/
Autonomous Systems
AS relationships
The relationships between these networks are generally described by one of the following three categories:
Transit - You pay money (or settlement) to another network for Internet access (or transit).
Peer (or swap) - Two networks exchange traffic between each other's customers freely, and for mutual benefit.
Customer (or sell) - Another network pays you money to provide them with Internet access.
Hierarchical Organization
Tier 1 - A network that can reach every other network on the Internet without purchasing IP transit.
Tier 2 - A network that peers with some networks, but still purchases IP transit to reach at least some portion of the Internet.
Tier 3 - A network that solely purchases transit from other networks to reach the Internet.
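
The tier definitions above can be applied mechanically to a set of AS relationships. The following Python code is an added example, not part of the original slides: the topology, AS numbers and function names are constructed, and "reach without purchasing transit" is modeled as an AS's customer cone plus the customer cones of its peers.

```python
from collections import defaultdict

# Constructed sample topology; AS numbers are from documentation/private-use ranges.
TRANSIT = [(64500, 64510), (64500, 64512), (64501, 64511),
           (64510, 64520), (64511, 64521)]       # (provider, customer)
PEERS = [(64500, 64501), (64510, 64511)]         # settlement-free peers

def build(transit, peers):
    """Index the relationship lists by AS."""
    providers, customers, peer_of = defaultdict(set), defaultdict(set), defaultdict(set)
    for prov, cust in transit:
        providers[cust].add(prov)
        customers[prov].add(cust)
    for a, b in peers:
        peer_of[a].add(b)
        peer_of[b].add(a)
    nodes = set(providers) | set(customers) | set(peer_of)
    return nodes, providers, customers, peer_of

def customer_cone(asn, customers):
    """The AS itself plus everything reachable through customer links only."""
    cone, stack = {asn}, [asn]
    while stack:
        for cust in customers[stack.pop()]:
            if cust not in cone:
                cone.add(cust)
                stack.append(cust)
    return cone

def classify(transit, peers):
    """Map each AS to tier 1, 2 or 3, or None if it fits no definition."""
    nodes, providers, customers, peer_of = build(transit, peers)
    tiers = {}
    for asn in nodes:
        reach = customer_cone(asn, customers)
        for peer in peer_of[asn]:
            reach |= customer_cone(peer, customers)
        if not providers[asn] and reach == nodes:
            tiers[asn] = 1      # reaches everything, buys no transit
        elif providers[asn] and peer_of[asn]:
            tiers[asn] = 2      # peers, but still buys transit
        elif providers[asn]:
            tiers[asn] = 3      # reaches the Internet only through transit
        else:
            tiers[asn] = None   # no transit, yet cannot reach every network
    return tiers

if __name__ == "__main__":
    for asn, tier in sorted(classify(TRANSIT, PEERS).items()):
        print(asn, tier)
```

Removing the peering between the two top networks leaves each of them unable to reach the other's customers, so neither satisfies the Tier 1 definition any longer.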
Motivations for peering
Increased capacity for extremely large amounts of traffic (distributing traffic across many networks).
Increased control over your traffic (reducing dependence on one or more transit providers).
Improved performance (attempting to bypass potential bottlenecks with a "direct" path).
Improved perception of your network (being able to claim a "higher tier").
Government regulations, or the desire to avoid the appearance of being a monopoly.
Internet Requirements
Internetworking: existing networks must be interconnected.
Robustness: Internet communication must continue despite loss of networks or [routers].
Heterogeneity: The Internet architecture must accommodate a variety of networks.
Distributed management: The Internet architecture must permit distributed management of its resources.
Cost: The Internet architecture must be cost effective.
Ease of Attachment: The Internet architecture must permit host attachment with a low level of effort.
Accountability: The resources used in the internet architecture must be accountable.
Internet Architecture Principles
Addresses that are fixed-size numerical quantities, with a simple (net, host) hierarchy.
Addresses that are applied to physical network interfaces, which can therefore be overloaded for both naming a node and for routing to it.
Internet evolution
Continuous and progressive evolution
1974-1980: TCP/IP separation
1980-1990: DNS, AS, CIDR, IGP/EGP
organization of the network structure
1990s: TCP congestion control
New functions: multicast, mobility (MIP), QoS (IntServ, DiffServ), security (IPSec)
More functions: firewalls, NAT, web caches, VPN, IPv6
Ossified architecture
BGP
  Network stability depends on BGP
  Growth in the size of the BGP tables
  Does not provide for alternative paths or route selection (QoS, TE)
  Very complex configuration for additional functions (error-prone)
Do not modify BGP!
Questioned architecture
NAT
  Alleviates the shortage of IPv4 addresses
  Does not respect the end-to-end principle
  Prevents end-to-end communications (P2P)
  Widespread use of NATs as a protection element (single point of access to the network)
IPSEC
  End-to-end encryption
  Hides the transport protocols (ports) from the ISPs
Firewall
  Does not respect the end-to-end principle
  Ad hoc configurations
Label Switching (MPLS)
  Unifies below IP but is independent of IP routing
Undesired relations
NAT devices are incompatible with IPSEC encryption. This makes deployment of good network security at an appropriate level almost impossible.
Transparent web caches are incompatible with Secure Sockets Layer (SSL) or IPSEC authentication.
Diagnostic tools such as traceroute often give misleading results because some traffic is being intercepted by transparent network entities such as web caches.
NAT devices need to look inside control protocols such as the FTP control channel to modify addresses and ports that are specified.
Deployment of new application protocols is made difficult by firewalls, with the result that new protocols are sometimes tunneled over inappropriate existing protocols to allow firewall traversal.
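
The FTP case mentioned above can be made concrete. The following Python code is an added example, not part of the original slides: it rewrites an active-mode `PORT` command (RFC 959) the way a NAT helper has to, using a constructed translation table, addresses and function names, and it shows that an encrypted control channel leaves the NAT nothing it can rewrite.

```python
import re

# FTP active-mode command "PORT h1,h2,h3,h4,p1,p2" (RFC 959).
PORT_RE = re.compile(
    rb"PORT (\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\r\n")

# Constructed sample data: private client endpoint -> public port chosen by the NAT.
NAT_TABLE = {("192.168.1.10", 50001): 61000}
PUBLIC_IP = "203.0.113.5"
SAMPLE = b"PORT 192,168,1,10,195,81\r\n"

def parse_port(line):
    """Return the (ip, port) announced in a PORT command, or None."""
    m = PORT_RE.fullmatch(line)
    if not m:
        return None
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        return None
    return ".".join(str(n) for n in nums[:4]), nums[4] * 256 + nums[5]

def rewrite_port(line, nat_table, public_ip):
    """Rewrite a PORT command with the public address and port.

    Returns (new_line, length_delta). A non-zero delta means the NAT must
    also adjust TCP sequence and acknowledgement numbers for the session.
    """
    endpoint = parse_port(line)
    if endpoint is None or endpoint not in nat_table:
        return line, 0  # unknown or unreadable payload is forwarded unchanged
    port = nat_table[endpoint]
    new_line = "PORT {},{},{}\r\n".format(
        public_ip.replace(".", ","), port >> 8, port & 0xFF).encode()
    return new_line, len(new_line) - len(line)

if __name__ == "__main__":
    print(rewrite_port(SAMPLE, NAT_TABLE, PUBLIC_IP))
    # Constructed stand-in for an encrypted control channel: opaque bytes only.
    opaque = b"\x17\x03\x03\x00\x1a" + bytes(26)
    print(rewrite_port(opaque, NAT_TABLE, PUBLIC_IP))
```

When the payload is opaque the private address reaches the server unmodified, so the data connection the server opens toward it fails.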
Main current problems
Security:
  viruses, worms, spam, phishing
  denial-of-service (DoS) attacks
  AAAA complexity
Fragility:
  Frequent equipment failures and unpredictable behavior (BGP convergence)
Reliability:
  Unpredictable recovery in case of disaster
  Lack of planning for reliability
  Duplication of functions across layers (cross-layer)
Main current problems
Support for mobile terminals
  Anywhere, anytime connected
  Multi-homed mobile devices (V/H handover)
Support for data transport (not audio/video)
  Multimedia (Future Media Internet)
  P2P vs Client/server (User Centric Internet)
Not adapted to large flows (TCP control loop)
  HDTV, SHD VoD, 3D HDV, simulation models
Quality of service (guarantees)
  Business model for QoS support
Scalability
  Sensor networks (Internet of the things)
Sustainable economic model
  Pricing
Network neutrality
Requirements
Robust and available. The network should be as robust, fault-tolerant and available as the wire-line telephone network is today.
Support mobile end-hosts. Laptops, Wi-Fi and cellular telephones make mobility commonplace, rather than an exception. A new Internet should support mobility (and all the associated security, naming, routing and privileges) as seamlessly as it supports wired end-hosts today. It should also support future small sensor and ad-hoc networks, as well as RFID.
Requirements
Inherently secure. The network should be built on the premise that security is a must, and it should be protected from denial of service attacks. While it might be impractical and unwise to build a network that is completely impervious to attack (after all, end-hosts are complex and under human control), the network should be secure enough for critical applications such as finance and banking, air-traffic control, and military communications.
Predictable. The user should know what to expect from the network, and it should provide predictable and repeatable service. This might include guarantees on timely delivery of time-critical data, or guarantees that enough capacity is available when needed.
Economically viable and profitable. The network should be profitable for those who provide service and build equipment, and if necessary be coupled with suitable regulation to create competition and incentives for improvement.
Evolvable. The network architecture should pre-suppose that it will change and evolve over time, perhaps at the very lowest level. Its architecture and service model should not ossify and stifle improvement.
Support anonymity where prudent, and accountability where necessary.
Heterogeneous Physical Layers
Optical Internet.
Impact of CMOS scaling.
Wireless Internet.
  Intrinsic mobility, interference between users, broadcast capabilities, and dynamically changing link performance and network topology
Mobility support.
Ad hoc networks.
Resource allocation in heterogeneous networks.

Security
Block malware from spreading.
Identify compromised hosts in case malware does spread.
Quarantine compromised hosts until they are fixed.
Economics and Policy
High level market structure.
  Investment costs.
  Regulation.
  Demand.
Low level economic primitives.
  Packet-based and flow-based value identification.
  Contractual granularity.
  Incentive compatibility.
Wireless spectrum allocation.