Overview
- Network Interface Cards
- Learning Bridge
- Frame Switching
- Ethernet Network Design Criteria:
- distance
- load
- where to split the collision domain
- to route or to switch?
- speed and cost: value for money
- security and firewalls
- IP and Ethernet network management:
- address assignments
- DHCP vs. fixed address assignment
- finding rogue hosts ("pick an IP address")
- home setups
Ethernet Evolution and Summary
- Xerox PARC experimental Ethernet: 2.94 Mb/s with 1-byte addresses; the
DIX / IEEE 802.3 standard that followed uses 6-byte addresses (802.3
originally also allowed 2-byte addresses)
- 10BASE5 (thickwire): coaxial 10 Mb/s bus with vampire taps
- 10BASE2 (thinwire): coaxial 10 Mb/s bus, BNC T-connectors daisy-chained
from host to host
- 10BASE-T: twisted pair (CAT-3 or better) to hubs; no shared cable any
more, but a hub still forms one collision domain
- 100- and 1000 Mb/s Ethernet(s) over twisted pair or fiber
- Ethernet is usually classified as:
Carrier Sense Multiple Access (CSMA) with Collision Detection: CSMA/CD
Network Interface Card
- Analog portion can:
- read and write bits
- detect and generate jamming signal
- synchronize to incoming preamble
- Digital receive section:
- read destination address and discard unless it is ours, a multicast
group we joined, or broadcast (configurable: promiscuous mode accepts
everything, which is what a sniffer on a shared segment relies on)
- discard if CRC does not match
- DMA to main memory
- Digital transmit section:
- DMA, buffer, and send frame
- compute and send CRC
- retransmit after a collision, following a random binary exponential
backoff (give up after 16 attempts)
Hub operation
- A hub interconnects two or more NICs or other hubs
- receives a frame F on one of its ports
- the hub must immediately forward F to all its other ports (it does not
look at the frame at all)
- if a transmission is already in progress on another port, the two
frames collide: the hub must drop both and send the jam signal on all ports
- if an incoming frame ends with a jam signal (a collision detected
upstream), the hub must jam all its other ports too
- a hub is a layer-1 device
Learning Bridge
- like a hub, but we look at the frame header
- if we get frames from A on port I, remember that
- any future frames for A can be sent on port I only, until the entry ages
out (the notes assume 60 seconds; the IEEE 802.1D default ageing time is
300 seconds), and need not be sent on the other ports
- advantages: breaks the collision domain, and unicast traffic between two
ports is no longer visible on the other ports
- disadvantages: must buffer at least the 6-byte destination address before
it can decide where to forward (a store-and-forward bridge buffers the
entire frame so it can check the CRC first)
- a bridge is a layer-2 device
- a bridge could interconnect different LAN technologies, by
translating headers
Ethernet Switches
- like a learning bridge
- hardware forwarding of frames from one interface to the next
- buffering and queueing of frames for each interface
- distributed spanning-tree algorithm run among the switches to disable
redundant links, so that broadcast and other flooded frames do not loop
forever
- advantages: breaks the collision domain, reduces the number of collisions
- disadvantages: may have to buffer entire frames, more complex
- a switch is a layer-2 device
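The hub, learning-bridge and switch behaviour above, as an added simulation (this is example code written for these notes, not part of the original lecture and not any vendor's implementation). Frames are (src, dst) address pairs, ports are small integers, and the caller supplies the clock. The aging time is a parameter: the notes assume 60 seconds, the IEEE 802.1D default is 300.

```python
# Added example: a hub (flood everything) next to a learning bridge that
# builds its forwarding table from source addresses and ages entries out.
from dataclasses import dataclass

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass(frozen=True)
class Frame:
    src: str
    dst: str


class Hub:
    """Layer-1 repeater: whatever arrives on one port goes out every other port."""

    def __init__(self, n_ports: int):
        self.n_ports = n_ports

    def forward(self, in_port: int, frame: Frame) -> list[int]:
        return [p for p in range(self.n_ports) if p != in_port]


class LearningBridge:
    """Layer-2 bridge: remembers the port each *source* address was seen on
    and uses that table to choose the output port for later *destinations*."""

    def __init__(self, n_ports: int, aging_time: float = 60.0):
        self.n_ports = n_ports
        self.aging_time = aging_time
        self.table: dict[str, tuple[int, float]] = {}  # mac -> (port, last seen)

    def _age_out(self, now: float) -> None:
        # Entries not refreshed within aging_time are forgotten; frames for
        # that address are flooded again until the host transmits something.
        for mac, (_, seen) in list(self.table.items()):
            if now - seen > self.aging_time:
                del self.table[mac]

    def forward(self, in_port: int, frame: Frame, now: float) -> list[int]:
        self._age_out(now)
        # Learning step: the table is built from unauthenticated source addresses.
        self.table[frame.src] = (in_port, now)
        if frame.dst == BROADCAST or frame.dst not in self.table:
            # Broadcast or unknown destination: flood, exactly like a hub.
            return [p for p in range(self.n_ports) if p != in_port]
        out_port, _ = self.table[frame.dst]
        if out_port == in_port:
            # Sender and receiver share a segment: nothing to forward (filtering).
            return []
        return [out_port]  # unicast goes only to the port the destination is on


def demo() -> list[list[int]]:
    """Run constructed traffic through a 4-port bridge; returns, per frame,
    the list of output ports chosen."""
    bridge = LearningBridge(n_ports=4, aging_time=60.0)
    a_to_b = Frame("A", "B")
    return [
        bridge.forward(0, a_to_b, now=0.0),             # B unknown: flooded
        bridge.forward(1, Frame("B", "A"), now=1.0),    # A known on port 0
        bridge.forward(0, a_to_b, now=2.0),             # B now known on port 1
        bridge.forward(0, a_to_b, now=100.0),           # B aged out: flooded again
        bridge.forward(0, Frame("D", "A"), now=101.0),  # A is on port 0 too: filtered
    ]


if __name__ == "__main__":
    print("hub   :", Hub(4).forward(0, Frame("A", "B")))
    for ports in demo():
        print("bridge:", ports)
```

The trace shows the "who gets to see what" point from the design section: after the first exchange, ports 2 and 3 never see A's unicast traffic to B, but they do see it again once B's entry has aged out, and any host can get its own entry into the table simply by sending a frame.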
Names and layers
- Hub: forward to all (physical layer)
- Bridge: something interconnecting LANs (data link layer).
Switch: a bridge that uses hardware to forward frames (data link layer)
- Gateway: old name for router (network layer).
Router: a box that forwards packets among networks (network layer).
IP switch: a router with hardware forwarding (network layer).
- Firewall or NAT box: a forwarding engine that looks at and rewrites
network and transport layer headers (transport layer).
Ethernet Network Design
- star topology using hubs
- at most 2500 m and at most 4 repeaters (hubs) between any two hosts, e.g.
each local hub uplinked to one central hub
- avoid collisions if possible:
- split into segments connected by switches or routers
- move to 100 Mb/s or Gb Ethernet
- connect each 100 Mb/s or Gb host directly to a switch port in full-duplex
mode: no shared medium, so no collisions at all
Ethernet Collision probability
- likelihood that two hosts are both waiting to send at the end of the
current packet (assume all packets are the same size)
- load (probability that a given host wants to send) is p
- probability of a collision between two such hosts is p^2
- cost of a collision: 1 packet time lost (plus latency), and both hosts
then retry; the probability of i collisions in a row is p^{2i}, so the
additional load is at least the geometric series
delta > sum_{i=1}^{oo} p^{2i} = p^2 / (1 - p^2)

load p | p^2  | delta
-------+------+--------
0.1    | 0.01 | > 0.01
0.3    | 0.09 | > 0.1
0.5    | 0.25 | > 0.3
Splitting the collision domain
- Etherswitch:
- security considerations: who gets to see what
packets? (faculty vs. students)
- performance: is it all-to-all, partitionable, or one server
to many clients?
- single server case: put the server on its own high-speed link
to the switch, every one else on slower shared links
- cost: more ports, or higher speeds?
- router: all of the above, plus address (re)assignment considerations
Security, Firewalls, rogue IPs
- on a shared (hub) segment, anyone with root access can put the NIC in
promiscuous mode and, with sufficient patience, read all the packets on
the segment; a switch delivers unicast frames only to the port that owns
the destination address
- not all of the network traffic is encrypted (yet), especially
passwords and emails
- no ideal solution; keep broadcast domains small so that only
mutually trusted individuals can see each other's broadcasts
- firewall (L4 switch): decide which combinations of inside/outside
source and accessible/inaccessible service are allowed
- rogue IPs: a visitor finds a data jack, plugs in, it doesn't work, so the
visitor picks an IP address by hand, and it works!
- the other host using the same IP address then has intermittent
problems (DHCP avoids the guessing)
IP address assignments
- if a router splits the network, all addresses of one subnet must be on
one side of it and all addresses of the other subnet on the other side
- assign IPs by location: "these addresses for the post building"
- assign IPs by security split: "these addresses for the faculty"
- assign IPs dynamically: DHCP
Dynamic Host Configuration Protocol
- Dynamic assignment, on demand, of temporary IP address "leases"
- a lease can be renewed, but no guarantees
- hard to let someone from outside reach a host, since its IP may change:
- bad for servers
- good for security
- the DHCP address block can be given its own firewall rules
- harder to automatically snoop on a specific host, since its address moves
Finding rogue hosts
- partition the network and ping on both sides (very painful -- the
network MUST stay up)
- use the ARP cache to see which host(s) you are reaching on which side of
a switch; ping will usually reveal a duplicate address by reporting
duplicate replies (e.g. "(DUP!)")
- in a small group, find all your visitors and anyone who has
bought or is bringing in a laptop...
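The two checks above (duplicate ping replies, and ARP caches that disagree across a split), as an added example written for these notes rather than taken from them. It parses constructed `ping` and `arp -an` output embedded below instead of running the tools, so it works offline; the addresses and MACs are made up.

```python
# Added example: spot a rogue host that picked an address already in use,
# from (constructed) ping output and ARP caches taken on both sides of a split.
import re
from collections import defaultdict

# Constructed output of `ping -c 3 10.0.5.17` on a segment where two hosts
# answer for the same address; iputils ping marks the second reply "(DUP!)".
# The differing TTLs (64 vs 128) hint at two different operating systems.
PING_OUTPUT = """\
PING 10.0.5.17 (10.0.5.17) 56(84) bytes of data.
64 bytes from 10.0.5.17: icmp_seq=1 ttl=64 time=0.41 ms
64 bytes from 10.0.5.17: icmp_seq=1 ttl=128 time=0.93 ms (DUP!)
64 bytes from 10.0.5.17: icmp_seq=2 ttl=64 time=0.38 ms
64 bytes from 10.0.5.17: icmp_seq=2 ttl=128 time=0.88 ms (DUP!)
64 bytes from 10.0.5.17: icmp_seq=3 ttl=64 time=0.40 ms
"""

# Constructed `arp -an` output captured on each side of the partitioned network.
ARP_LEFT = """\
? (10.0.5.1) at 00:11:22:33:44:01 [ether] on eth0
? (10.0.5.17) at 00:11:22:33:44:17 [ether] on eth0
"""
ARP_RIGHT = """\
? (10.0.5.1) at 00:11:22:33:44:01 [ether] on eth0
? (10.0.5.17) at 08:00:27:aa:bb:cc [ether] on eth0
"""

PING_RE = re.compile(r"icmp_seq=(\d+) ttl=(\d+)")
ARP_RE = re.compile(r"\((\d+\.\d+\.\d+\.\d+)\) at ([0-9a-f]{2}(?::[0-9a-f]{2}){5})")


def duplicate_replies(ping_text: str) -> dict[int, list[int]]:
    """Sequence numbers that were answered more than once, with the TTL of
    each reply: more than one reply per sequence number means more than one
    host is answering for the address."""
    replies: dict[int, list[int]] = defaultdict(list)
    for line in ping_text.splitlines():
        m = PING_RE.search(line)
        if m:
            replies[int(m.group(1))].append(int(m.group(2)))
    return {seq: ttls for seq, ttls in replies.items() if len(ttls) > 1}


def parse_arp(arp_text: str) -> dict[str, str]:
    """ip -> mac from `arp -an` style lines."""
    return {ip: mac for ip, mac in ARP_RE.findall(arp_text)}


def conflicting_ips(*snapshots: str) -> dict[str, list[str]]:
    """Addresses that resolve to different MACs across ARP snapshots, e.g. one
    snapshot per side of a switch: the side whose MAC you do not recognise is
    the side the rogue host is plugged into."""
    seen: dict[str, set[str]] = defaultdict(set)
    for snap in snapshots:
        for ip, mac in parse_arp(snap).items():
            seen[ip].add(mac)
    return {ip: sorted(macs) for ip, macs in seen.items() if len(macs) > 1}


if __name__ == "__main__":
    print("duplicate ping replies:", duplicate_replies(PING_OUTPUT))
    print("conflicting ARP entries:", conflicting_ips(ARP_LEFT, ARP_RIGHT))
```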
Ethernet-based home setup
- one host, H, connected to the internet
- H does Network Address Translation (L4 translation: it rewrites network
and transport layer headers), so:
- outgoing IP packets are rewritten to have H as source address,
and usually a different source port
- incoming packets are rewritten to have the correct internal destination
host and port number
- for ICMP Echo there is no port, so the echo identifier is rewritten instead
- for ICMP Error messages, the port number has to be looked up in the copy
of the original header carried inside the ICMP payload
Ethernet-based home setup II
- for TCP we can see when the connection ends (FIN/RST), so the NAT box can
deallocate that state
- for UDP/ICMP we cannot tell when the exchange is done, so we must cache the
translation and time it out when idle
- if a cached translation is lost, the next outgoing packet sets up a new
mapping with a different external port, and the peer's replies to the old
port are dropped
- internally, 10 Mb/s or 100 Mb/s hub-based Ethernet
- externally, a modem over PPP or SLIP, a cable modem, or A/DSL
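The NAT behaviour described in the two home-setup sections, as an added example written for these notes (it is not the lecture's code and not any real NAT box). Packets are plain dicts constructed inline and addresses come from documentation ranges. Assumed policy: external ports are handed out sequentially from 40000, TCP state is freed on RST or once a FIN has been seen in both directions, and UDP / ICMP echo state is freed after UDP_IDLE seconds without traffic.

```python
# Added example: a NAT table for one public address, covering port rewriting,
# ICMP echo identifier rewriting, ICMP errors (looked up via the embedded
# original header), TCP teardown and UDP/ICMP idle timeout.
from dataclasses import dataclass

PUBLIC_IP = "203.0.113.9"   # assumed public address of the home gateway H
UDP_IDLE = 60.0             # assumed idle timeout for UDP / ICMP echo state


@dataclass
class Mapping:
    proto: str      # "tcp", "udp" or "icmp" (echo)
    int_ip: str
    int_id: int     # internal port, or ICMP echo identifier
    ext_id: int     # external port / identifier allocated by the NAT
    last_used: float
    fin_out: bool = False
    fin_in: bool = False


def _ident(pkt: dict, side: str) -> int:
    """The port (or ICMP echo id) on the given side of the packet."""
    if pkt["proto"] == "icmp":
        return pkt["id"]
    return pkt["sport" if side == "src" else "dport"]


class Nat:
    def __init__(self, public_ip: str = PUBLIC_IP, first_port: int = 40000):
        self.public_ip, self.next_port = public_ip, first_port
        self.by_int: dict = {}   # (proto, int_ip, int_id) -> Mapping
        self.by_ext: dict = {}   # (proto, ext_id)         -> Mapping

    def _drop(self, m: Mapping) -> None:
        del self.by_int[(m.proto, m.int_ip, m.int_id)]
        del self.by_ext[(m.proto, m.ext_id)]

    def _expire(self, now: float) -> None:
        # UDP and ICMP have no end-of-connection signal: idle state is timed out.
        for m in list(self.by_int.values()):
            if m.proto != "tcp" and now - m.last_used > UDP_IDLE:
                self._drop(m)

    def _tcp_bookkeeping(self, m: Mapping, pkt: dict, inbound: bool) -> None:
        flags = pkt.get("flags", set())
        if "FIN" in flags:
            if inbound:
                m.fin_in = True
            else:
                m.fin_out = True
        if "RST" in flags or (m.fin_in and m.fin_out):
            self._drop(m)   # real NATs linger briefly for the final ACK; omitted here

    def outbound(self, pkt: dict, now: float) -> dict:
        """Rewrite an internal -> Internet packet: source becomes (public_ip, ext_id)."""
        self._expire(now)
        key = (pkt["proto"], pkt["src"], _ident(pkt, "src"))
        m = self.by_int.get(key)
        if m is None:   # first packet of a flow: allocate a fresh external port/id
            m = Mapping(pkt["proto"], pkt["src"], key[2], self.next_port, now)
            self.next_port += 1
            self.by_int[key] = self.by_ext[(m.proto, m.ext_id)] = m
        m.last_used = now
        out = dict(pkt, src=self.public_ip)
        out["id" if m.proto == "icmp" else "sport"] = m.ext_id
        if m.proto == "tcp":
            self._tcp_bookkeeping(m, pkt, inbound=False)
        return out

    def inbound(self, pkt: dict, now: float):
        """Rewrite an Internet -> internal packet, or return None (no state: drop)."""
        self._expire(now)
        if pkt["proto"] == "icmp-error":
            # The error carries the header of the packet that triggered it, i.e.
            # our own translated packet, so the flow is found via the *inner*
            # source port and both the outer destination and the inner source
            # are rewritten back.
            inner = pkt["inner"]
            m = self.by_ext.get((inner["proto"], _ident(inner, "src")))
            if m is None:
                return None
            fixed_inner = dict(inner, src=m.int_ip)
            fixed_inner["id" if m.proto == "icmp" else "sport"] = m.int_id
            return dict(pkt, dst=m.int_ip, inner=fixed_inner)
        m = self.by_ext.get((pkt["proto"], _ident(pkt, "dst")))
        if m is None:
            return None   # unsolicited packet: nothing to map it to
        m.last_used = now
        out = dict(pkt, dst=m.int_ip)
        out["id" if m.proto == "icmp" else "dport"] = m.int_id
        if m.proto == "tcp":
            self._tcp_bookkeeping(m, pkt, inbound=True)
        return out
```

Dropping a mapping only once the idle timer expires is the trade-off the notes mention: a UDP peer that answers after the timeout hits a port that no longer maps to anything and is silently dropped, and the internal host's next datagram comes out of a new external port.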