Broadband Internet, distributed course (ETSETB, ETSITM and ETSITV)
February-June, 2010
Network Architecture
Centre de Comunicacions Avançades de Banda Ampla, Universitat Politècnica de Catalunya
Academic year 2009/10
Broadband Internet / Next Generation Internet
Network architecture
Jordi Domingo Pascual
ETSETB UPC
Contents
Network organization
Network architecture
New trends in network architecture
IANA
The Internet Assigned Numbers Authority (IANA) is the body responsible for coordinating some of the key elements that keep the Internet running smoothly. Whilst the Internet is renowned for being a worldwide network free from central coordination, there is a technical need for some key parts of the Internet to be globally coordinated – and this coordination role is undertaken by IANA.
IANA Activities
Domain Names: IANA manages the DNS root, the .int and .arpa domains, and an IDN practices resource.
Number Resources: IANA coordinates the global pool of IP and AS numbers, providing them to Regional Internet Registries.
Protocol Assignments: Internet protocols' numbering systems are managed by IANA in conjunction with standards bodies.
IANA organization
Regional Internet Registry (RIR)
National Internet Registry (NIR)
Local Internet Registry (LIR)
RIRs:
AfriNIC: Africa region
APNIC: Asia/Pacific region
ARIN: North America region
LACNIC: Latin America and some Caribbean islands
RIPE NCC: Europe, the Middle East and Central Asia
IANA organization (figure slide)
Domain Names
Country code top-level domains (ccTLD): used by a country or a dependent territory. The code is two letters long, for example .us for the United States. With some historical exceptions, the code for any territory is the same as its two-letter ISO 3166 code.
Generic top-level domains (gTLD): used by a particular class of organizations (for example, .com for commercial organizations). The code is three or more letters long. Most gTLDs are available for use worldwide, but for historical reasons .mil (military) and .gov (governmental) are restricted to use by the respective U.S. authorities. gTLDs are subclassified into sponsored top-level domains (sTLD), e.g. .aero, .coop and .museum, and unsponsored top-level domains (uTLD), e.g. .biz, .info and .name.
Infrastructure top-level domains (iTLD): the top-level domains .arpa, .int and .root.
http://www.iana.org/domains/root/db/
Internet Numbers (addresses)
Users are assigned IP addresses by Internet service providers (ISPs). ISPs obtain allocations of IP addresses from a local Internet registry (LIR) or national Internet registry (NIR), or from their appropriate Regional Internet Registry (RIR).
IPv4: http://www.iana.org/assignments/ipv4-address-space
IPv6: http://www.iana.org/assignments/ipv6-address-space
Protocol Numbers
IANA is responsible for maintaining many of the codes and numbers contained in a variety of Internet protocols, enumerated below. We provide this service in coordination with the Internet Engineering Task Force (IETF).
Address Family Numbers
Address Resolution Protocol (ARP) Parameters
Autonomous System (AS) Numbers
http://www.iana.org/protocols/
http://www.iana.org/assignments/as-numbers
Autonomous Systems (figure slide)
AS relationships
The relationships between these networks are generally described by one of the following three categories:
Transit - You pay money (or settlement) to another network for Internet access (or transit).
Peer (or swap) - Two networks exchange traffic between each other's customers freely, and for mutual benefit.
Customer (or sell) - Another network pays you money to provide them with Internet access.
Hierarchical Organization
Tier 1 - A network that can reach every other network on the Internet without purchasing IP transit.
Tier 2 - A network that peers with some networks, but still purchases IP transit to reach at least some portion of the Internet.
Tier 3 - A network that solely purchases transit from other networks to reach the Internet.
Motivations for peering
Increased capacity for extremely large amounts of traffic (distributing traffic across many networks).
Increased control over your traffic (reducing dependence on one or more transit providers).
Improved performance (attempting to bypass potential bottlenecks with a "direct" path).
Improved perception of your network (being able to claim a "higher tier").
Government regulations, or the desire to avoid the appearance of being a monopoly.
Exchange Points
An Internet exchange point (IX or IXP) is a physical infrastructure that allows different Internet service providers (ISPs) to exchange traffic between their networks (autonomous systems) by means of mutual peering agreements, which allow traffic to be exchanged without cost.
European Internet Exchange Association: http://www.euro-ix.net/
Espanix (the Spanish neutral exchange point): http://www.espanix.net/
Internet Requirements
Internetworking: existing networks must be interconnected.
Robustness: Internet communication must continue despite loss of networks or [routers].
Heterogeneity: The Internet architecture must accommodate a variety of networks.
Distributed management: The Internet architecture must permit distributed management of its resources.
Cost: The Internet architecture must be cost effective.
Ease of Attachment: The Internet architecture must permit host attachment with a low level of effort.
Accountability: The resources used in the internet architecture must be accountable.
Network Architecture
Network architecture is a set of high-level design principles that guides the technical design of the network, especially the engineering of its protocols and algorithms.
Internet Architecture Principles
A connectionless packet-forwarding infrastructure ("dumb network") that positioned higher-level functionality at the edge of the network for robustness.
A single least-common-denominator data delivery service at the internetwork layer, with different end-to-end services implemented in the transport (or application) layer above. This design supports both reliable stream and (unreliable) datagram service across the same connectionless infrastructure.
Internet Architecture Principles
Addresses that are fixed-size numerical quantities, with a simple (net, host) hierarchy
Addresses that are applied to physical network interfaces, which can therefore be overloaded for both naming a node and for routing to it.
Internet evolution
Continuous and progressive evolution. 1974-1980: separation of TCP and IP.
1980-1990: DNS, AS, CIDR, IGP/EGP; organization of the network structure.
1990s: TCP congestion control.
New functions: multicast, mobility (MIP), QoS (IntServ, DiffServ), security (IPSec).
More functions: firewalls, NAT, web caches, VPN, IPv6.
Ossified architecture
IP: complexity from MobileIP, multicast, IPSEC and tunneling.
TCP: all traffic has to be "TCP friendly".
Avoid UDP or any other protocol.
The behaviour (performance) of the network depends on TCP.
TCP was designed for unreliable, low-speed, short-distance communications.
Do not modify TCP!
Ossified architecture
BGP: the stability of the network depends on BGP.
Growth in the size of the BGP tables.
No provision for alternative paths or route selection (QoS, TE).
Very complex configuration for additional functions (error-prone).
Do not modify BGP!
Questioned architecture
NAT: relieves the shortage of IPv4 addresses.
Does not respect the end-to-end principle.
Prevents end-to-end communications (P2P).
Widespread use of NATs as a protection element (single point of access to the network).
Questioned architecture
IPSEC: end-to-end encryption. Hides the transport protocols (ports) from the ISPs.
Firewall: does not respect the end-to-end principle. "Ad hoc" configurations.
Label Switching (MPLS): unifies below IP but is independent of IP routing.
Undesired relations
NAT devices are incompatible with IPSEC encryption. This makes deployment of good network security at an appropriate level almost impossible.
Transparent web caches are incompatible with Secure Sockets Layer (SSL) or IPSEC authentication.
Diagnostic tools such as traceroute often give misleading results because some traffic is being intercepted by transparent network entities such as web caches.
NAT devices need to look inside control protocols such as the FTP control channel to modify addresses and ports that are specified.
Deployment of new application protocols is made difficult by firewalls, with the result that new protocols are sometimes tunneled over inappropriate existing protocols to allow firewall traversal.
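Why the first of these relations holds, as an added Python simulation that is not part of the slides: the addresses, pre-shared key and packet contents are constructed, ah_icv() stands in for an AH integrity check that covers the IP addresses, and the second case shows that even with ESP the TCP checksum (computed over the pseudo-header, which contains the addresses) is encrypted where a NAT can no longer patch it.

```python
import hashlib
import hmac
import socket
import struct

KEY = b"constructed-demo-key"   # assumed pre-shared key of the simulated SA


def ipv4_header(src, dst, proto=6, ttl=64):
    """Minimal 20-byte IPv4 header, no options, header checksum left zero."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, ttl, proto, 0,
                       socket.inet_aton(src), socket.inet_aton(dst))


def ah_icv(header, payload):
    """AH-style integrity check value: HMAC over the IP header with mutable
    fields (TTL, header checksum) zeroed, plus the payload; addresses are covered."""
    h = bytearray(header)
    h[8] = 0                  # TTL changes at every hop
    h[10:12] = b"\x00\x00"    # header checksum is recomputed per hop
    return hmac.new(KEY, bytes(h) + payload, hashlib.sha256).digest()[:12]


def ah_verifies(header, payload, icv):
    return hmac.compare_digest(ah_icv(header, payload), icv)


def nat_rewrite_src(header, public_src):
    """What a source NAT does on the way out: swap the private source address."""
    h = bytearray(header)
    h[12:16] = socket.inet_aton(public_src)
    return bytes(h)


def tcp_checksum(src, dst, segment):
    """TCP checksum: ones-complement sum over the pseudo-header (which holds
    the IP addresses) and the segment, whose own checksum field is zero."""
    data = (socket.inet_aton(src) + socket.inet_aton(dst)
            + struct.pack("!BBH", 0, 6, len(segment)) + segment)
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def ah_survives_nat():
    """AH transport mode: sender computes the ICV, the NAT rewrites the source,
    the receiver verifies against the header it actually received."""
    hdr = ipv4_header("10.0.0.5", "198.51.100.7")       # constructed addresses
    payload = b"GET / HTTP/1.0\r\n\r\n"
    icv = ah_icv(hdr, payload)
    return ah_verifies(nat_rewrite_src(hdr, "203.0.113.9"), payload, icv)


def esp_tcp_checksum_survives_nat():
    """ESP transport mode: the checksum was computed over the private address and
    travels encrypted, so the receiver recomputes it with the translated one."""
    segment = b"\x00" * 20 + b"hello"   # constructed TCP header (csum=0) + data
    sent = tcp_checksum("10.0.0.5", "198.51.100.7", segment)
    return tcp_checksum("203.0.113.9", "198.51.100.7", segment) == sent
```

Both functions return False: the same address rewrite that AH correctly reports as tampering also invalidates a checksum the NAT cannot see, so the packet is dropped at the receiver either way.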
Main current problems
Security: viruses, worms, spam, phishing, denial of service (DoS) attacks. AAAA complexity.
Fragility: frequent equipment failures and unpredictable behaviour (BGP convergence).
Reliability: unpredictable recovery after a disaster. Lack of planning for reliability. Duplication of functions across layers ("cross-layer").
Main current problems
Support for mobile terminals: anywhere, anytime connected.
Multi-homed mobile devices (V/H handover).
Support for data transport (not audio/video). Multimedia (Future Media Internet).
P2P vs client/server (User Centric Internet).
Not adapted to large flows (TCP control loop): HDTV, SHD VoD, 3D HDV, simulation models.
Main current problems
Quality of service (guarantees): business model to support QoS.
Scalability: sensor networks (Internet of Things).
Sustainable economic model: charging.
Network neutrality.
Requirements
Robust and available. The network should be as robust, fault-tolerant and available as the wire-line telephone network is today.
Support mobile end-hosts. Laptops, Wi-Fi and cellular telephones make mobility commonplace, rather than an exception. A new Internet should support mobility (and all the associated security, naming, routing and privileges) as seamlessly as it supports wired end-hosts today. It should also support future small sensor and ad-hoc networks, as well as RFID.
Requirements
Inherently secure. The network should be built on the premise that security is a must, and it should be protected from denial of service attacks. While it might be impractical and unwise to build a network that is completely impervious to attack – after all, end-hosts are complex and under human control – the network should be secure enough for critical applications such as finance and banking, air-traffic control, and military communications.
Predictable. The user should know what to expect from the network, and it should provide predictable and repeatable service. This might include guarantees on timely delivery of time-critical data, or guarantees that enough capacity is available when needed.
Requirements
Economically viable and profitable. The network should be profitable for those who provide service and build equipment, and – if necessary – be coupled with suitable regulation to create competition and incentives for improvement.
Evolvable. The network architecture should pre-suppose that it will change and evolve over time – perhaps at the very lowest level. Its architecture and service model should not ossify and stifle improvement.
Support anonymity where prudent, and accountability where necessary.
Areas of Research
Network Architecture
Heterogeneous Applications
Heterogeneous Physical Layers
Security
Economics and Policy
New Network Architecture
Rethink the design philosophy that makes the Internet "smart" at the edges and "dumb" in the middle.
Some innovation so far:
Overlay networks
MPLS
Virtualization
New Network Architecture
Flows as first-class citizens, perhaps replacing the packet as the predominant unit for manipulation inside switches and routers.
Network addressing. Internet addresses identify a physical network interface. Instead, can addressing be made more intuitive, referring to services and people, rather than physical interfaces?
Routing protocols. How can we simplify routing protocols and make them more reliable and stable?
New Network Architecture
Dynamic circuit switching. If the core of the network is to benefit from high capacity all-optical switching, then should we deploy dynamic circuit switching? If so, how?
Backbone design. Today, backbone networks are hugely over-provisioned. Can they be designed more efficiently, to be tolerant to failure, and predictable throughout their lifetime?
Cross-layer design. While we recognize the power of layering in network design, it has inevitable inefficiencies. We will explore where interfaces belong, and what services each layer should provide.
New Network Architecture
Models of the end-to-end principle. Can we capture the costs and utility of the end-to-end principle in a mathematical model (analogous, say, to the successful "price of anarchy" program, which considered the cost of source routing based on delay information)?
Network virtualization. Is it possible to create a network infrastructure that is continuously evolvable?
Exploiting structure. Can we exploit the way in which networks are used, and their inherent structure? For example, it seems likely that tree-like access networks (optical, electrical, wireless and hybrids) will persist, interconnected by a richly connected core.
Heterogeneous Applications
Maximum utility resource allocation. What are the right notions of fairness for heterogeneous applications?
Application-aware congestion control.
Multi-path source routing.
Flexible transport service.
Multicast and anycast transport.
Benefits of flow-based network design.
Location-based services.
Heterogeneous Physical Layers
Optical Internet.
Impact of CMOS scaling.
Wireless Internet. Intrinsic mobility, interference between users, broadcast capabilities, and dynamically changing link performance and network topology.
Mobility support.
Ad hoc networks.
Resource allocation in heterogeneous networks.
Security
Block malware from spreading.
Identify compromised hosts in case malware does spread.
Quarantine compromised hosts until they are fixed.
Economics and Policy
High level market structure. Investment costs. Regulation. Demand.
Low level economic primitives. Packet-based and flow-based value identification. Contractual granularity. Incentive compatibility. Wireless spectrum allocation.