Tunneling Continued/End-to-End Principle. CS 4251: Computer Networking II, Nick Feamster, Spring 2008. Why Tunnel? Security (e.g., VPNs); flexibility (topology, protocol); bypassing local network engineers (oppressive regimes: China, Pakistan, TS…); compatibility/interoperability.

Tunneling Continued/End-to-End Principle

CS 4251: Computer Networking II
Nick Feamster
Spring 2008

Why Tunnel?
  • Security
    • E.g., VPNs
  • Flexibility
    • Topology
    • Protocol
  • Bypassing local network engineers
    • Oppressive regimes: China, Pakistan, TS…
  • Compatibility/Interoperability
  • Dispersion/Logical grouping/Organization
  • Reliability
    • Fast Reroute, Resilient Overlay Networks (Akamai SureRoute)
  • Stability (“path pinning”)
    • E.g., for performance guarantees
MPLS Overview
  • Main idea: Virtual circuit
    • Packets forwarded based only on circuit identifier

[Figure: Source 1, Source 2, Destination]

Router can forward traffic to the same destination on different interfaces/paths.

Circuit Abstraction: Label Swapping

  • Label-switched paths (LSPs): Paths are “named” by the label at the path’s entry point
  • At each hop, label determines:
    • Outgoing interface
    • New label to attach
  • Label distribution protocol: responsible for disseminating signalling information

[Figure: label-swapping example with a forwarding table whose columns are Tag, Out, New]

Layer 3 Virtual Private Networks
  • Private communications over a public network
  • A set of sites that are allowed to communicate with each other
  • Defined by a set of administrative policies
    • determine both connectivity and QoS among sites
    • established by VPN customers
    • One way to implement: BGP/MPLS VPN mechanisms (RFC 2547)
Placement of Function
  • “End to End Arguments in System Design”
    • One typically draws a box around the communication subsystem and defines an interface between it and the rest of the system
    • Once this boundary is defined, the question of where function should be placed is at the forefront
  • The “End-to-End Argument”
    • Function can be completely implemented only with the help of the application
    • Dumb network, smart endpoints
Example: File Transfer
  • Data could be corrupted or lost
    • In transit
    • At the receiver when read
    • In memory
  • Where should the checks for correct transmission be performed?
    • E2E argument says that the application should be the one to perform these checks (e.g., at the application layer)
Examples of Applying E2E
  • Delivery guarantees
    • Application may not only need to know that a message was received, but also that the receiver acted on the message
  • Secure transmission of data
    • Network elements that transmit data must be trusted to securely manage keys, etc.
    • Authenticity of message must still be checked by application
    • Upshot: communicating subsystem does not need to provide management for all traffic
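
The file-transfer and secure-transmission points above, as an added example that is not part of the original slides: every per-hop CRC passes while a relay corrupts the data in its own buffer, and only the application-level HMAC check at the receiver catches it. The function names, the key and the sample bytes are constructed for illustration.

```python
import hashlib
import hmac
import zlib

KEY = b"constructed-demo-key"  # assumption: known to the two end applications only

def link_send(payload: bytes) -> bytes:
    """Hop-level framing: append a CRC32 that protects one link only."""
    return payload + zlib.crc32(payload).to_bytes(4, "big")

def link_recv(frame: bytes) -> bytes:
    """Hop-level check: verify and strip the link CRC."""
    payload, crc = frame[:-4], frame[-4:]
    if zlib.crc32(payload).to_bytes(4, "big") != crc:
        raise ValueError("link CRC mismatch")
    return payload

def relay(frame: bytes, corrupt_in_memory: bool = False) -> bytes:
    """Intermediate node: check the inbound link, buffer, re-frame for the next link."""
    buf = bytearray(link_recv(frame))
    if corrupt_in_memory:
        buf[0] ^= 0x01  # bit flip while buffered, after the inbound check passed
    return link_send(bytes(buf))  # fresh CRC is computed over the damaged bytes

def app_send(data: bytes) -> bytes:
    """Sending application: attach an HMAC-SHA256 tag over the file contents."""
    return data + hmac.new(KEY, data, hashlib.sha256).digest()

def app_recv(message: bytes) -> bytes:
    """Receiving application: verify the tag once the data has arrived."""
    data, tag = message[:-32], message[-32:]
    expected = hmac.new(KEY, data, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("end-to-end check failed")
    return data

def transfer(data: bytes, corrupt_in_memory: bool) -> str:
    """Send data across two links via one relay and report where a fault is caught."""
    frame = relay(link_send(app_send(data)), corrupt_in_memory)
    try:
        message = link_recv(frame)
    except ValueError:
        return "caught by link check"
    try:
        app_recv(message)
    except ValueError:
        return "caught by end-to-end check"
    return "delivered intact"

if __name__ == "__main__":
    for corrupt in (False, True):
        print(corrupt, transfer(b"constructed file contents", corrupt))
```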
More Examples
  • Duplicate message suppression
    • Where should duplicates be suppressed?
  • In-order message delivery