
Intro to Networking

CS 161 - Lecture 16

Computer Science 161


Announcements

  • Homework 5 is due Monday, July 26th, 11:59 PM PT.
  • If you’d like to talk about your Project 2 design with a TA, we are offering optional 15-minute design reviews this week.
    • Please limit to one appointment per group.
  • Project 1 writeup grades are released on Gradescope. Feel free to submit a regrade request if you spot a mistake.
  • The Project 2 design doc draft is due Wednesday, July 21st, 11:59 PM PT.
  • Optional Lab 1 is due Wednesday, August 11th, 11:59 PM PT.


Last Time: SQL Injection

  • Web servers interact with databases to store data
    • Web servers use SQL to interact with databases
  • SQL injection: Untrusted input is used as parsed SQL
    • The attacker can construct their own queries to run on the SQL server!
    • Blind SQL injection: SQLi with little to no feedback from the SQL query
    • Defense: Input sanitization
      • Difficult to implement correctly
    • Defense: Prepared statements
      • Data only ever treated as data; bulletproof!
  • Command injection: Untrusted input is used as any parsed language
    • Defense: Keep it simple and use safe API calls


Last Time: CAPTCHAs

  • CAPTCHA: A challenge that is easy for a human to solve, but hard for a computer to solve
    • Examples: Reading distorted text, identifying images
    • Original purpose: Distinguishing between humans and bots
    • Modern purpose: Forces the attacker to spend some money to solve the CAPTCHAs
    • Modern purpose: Providing training data for machine learning algorithms
  • Issues with CAPTCHAs
    • As computer algorithms get smarter, CAPTCHAs get harder, and not all humans are able to solve them easily
    • Ambiguity: CAPTCHAs might be so hard that the validator doesn't know the solution either!
    • Not all bots are bad


Today: Intro to Networking

  • Internet: A global network of computers
  • OSI model: A layered model of protocols


What’s the Internet?

  • Network: A set of connected machines that can communicate with each other
    • Machines on the network agree on a protocol, a set of rules for communication
  • Internet: A global network of computers
    • The web sends data between browsers and servers using the Internet
    • The Internet can be used for more than the web (e.g. SSH)


Protocols

  • A protocol is an agreement on how to communicate that specifies syntax and semantics
    • Syntax: How a communication is specified and structured (format, order of messages)
    • Semantics: What a communication means (actions taken when sending/receiving messages)
  • Example: Protocol for asking a question in lecture?
    • The student should raise their hand
    • The student should wait to be called on by the speaker or wait for the speaker to pause
    • The student should speak the question after being called on or after waiting
    • If the student has been unrecognized after some time: Vocalize with “Excuse me!”


Layering: The OSI Model


Layering

  • Internet design is partitioned into various layers. Each layer…
    • Has a protocol
    • Relies on services provided by the layer below it
    • Provides services to the layer above it
  • Analogous to the structure of an application and the “services” that each layer relies on and provides

[Diagram: the layers of an application, top to bottom: Code You Write, Run-Time Library, System Calls, Device Drivers, Voltage Levels/Magnetic Domains. Annotation: “Fully isolated from user programs”]

Example: Sending Mail

[Diagram sequence: Alice sends Bob the message “I am hungry.” On Alice's side the message is wrapped in “Send to: Bob”, and that is wrapped in “Mail to: 123 Bob St”. On Bob's side the wrappers come off in reverse order, “Mail to: 123 Bob St” first and then “Send to: Bob”, leaving “I am hungry.”]

The layers communicate with each other, each relying on the abstractions below it!

  • Relies upon: Sending messages to people
  • Provides: Sending messages to people
  • Relies upon: Sending messages to addresses
  • Provides: Sending messages to addresses

OSI Model

  • OSI model: Open Systems Interconnection model, a layered model of Internet communication
    • Originally divided into 7 layers
      • But layers 5 and 6 aren’t used in the real world, so we ignore them
  • Same reliance upon abstraction
    • A layer can be implemented in different ways without affecting other layers
    • A layer’s protocol can be substituted with another protocol without affecting other layers

[Diagram: the layer stack, top to bottom: 7 Application, 4 Transport, 3 (Inter) Network, 2 Link, 1 Physical]

Layer 1: Physical Layer

  • Provides: Sending bits from one device to another
    • Encodes bits to send them over a physical link
      • Patterns of voltage levels
      • Photon intensities
      • RF modulation
  • Examples
    • Wi-Fi radios (IEEE 802.11)
    • Ethernet voltages (IEEE 802.3)

[Diagram: A transmits the bits 01110111…01 to B]

Physical layer: “How do I transmit this sequence of 0’s and 1’s from A to B?”

Next: How do we talk to more than one device?


Layer 2: Link Layer

  • Provides: Sending frames directly from one device to another
    • Relies upon: Sending bits from one device to another
    • Encodes messages into groups of bits called “frames”
  • Examples
    • Ethernet frames (IEEE 802.3)


  • Local area network (LAN): A set of computers on a shared network that can directly address one another
    • Consists of multiple physical links
  • Frames must consist of at least 3 things:
    • Source (“Who is this message coming from?”)
    • Destination (“Who is this message going to?”)
    • Data (“What does this message say?”)

[Diagram: devices A, B, C and D; A sends a frame labelled Source: A, Destination: C, “Hello, this is A…”]

  • In reality, computers aren’t all connected to the same wire
    • Instead, local networks are a set of point-to-point links
  • However, Layer 2 still allows direct addressing between any two devices
    • Enabled by transmitting a frame across multiple physical links until it reaches its destination

[Diagram: devices A, B, C, D and E joined by point-to-point links; A sends a frame labelled Source: A, Dest: C, “Hello, this is A…”]

Ethernet and MAC Addresses

Ethernet header

  • Source MAC Address (6 bytes)
  • Destination MAC Address (6 bytes)
  • VLAN Tag (4 bytes)
  • Type (2 bytes)
  • Data (variable-length)

  • Ethernet: A common layer 2 protocol that most endpoint devices use
  • MAC address: A 6-byte address that identifies a piece of network equipment (e.g. your phone’s Wi-Fi antenna)
    • Typically represented as 6 hex bytes: 13:37:ca:fe:f0:0d
    • The first 3 bytes are assigned to manufacturers (i.e. who made the equipment)
      • This is useful in identifying a device
    • The last 3 bytes are device-specific


Layer 2: Link Layer

[Diagram: devices A, B, C and D; A sends a frame labelled Source: A, Dest: C, “Hello, this is A…”]

Link layer: “How do I transmit this frame from A to C, making sure that no one else thinks the message is for them?”

Next: How do we address every device in existence?

Layer 3: Network Layer

  • Provides: Sending packets from any device to any other device
    • Relies upon: Sending frames directly from one device to another
    • Encodes messages into groups of bits called “packets”
    • Bridges multiple LANs to provide global addressing
  • Examples
    • Internet Protocol (IP)


  • Recall the ideal layer 2 model: All devices can directly address all other devices
    • This would not scale to the size of the Internet!
  • Instead, allow packets to be routed across different devices to reach the destination
    • Each hop is allowed to use its own physical and link layers!

[Diagram: devices A through H connected by a router]

[Diagram: devices A, B, C, D and E connected through several routers; A sends a packet labelled Source: A, Destination: D, “Hello, this is A…”. Annotations: “This link could be Wi-Fi”, “And this link could be Ethernet”, “But the Internet protocol stays the same, end to end”]

  • Packets must consist of at least 3 things:
    • Source (“Who is this message coming from?”)
    • Destination (“Who is this message going to?”)
    • Data (“What does this message say?”)
    • Similar to frames (layer 2)
  • Packets may be fragmented into smaller packets
    • Different links might support different maximum packet sizes
    • Up to the recipient to reassemble fragments into the original packet
  • Each router forwards a given packet to the next hop
    • We will cover how a router knows how to forward—and attacks on it—in the future
  • Packets are not guaranteed to take a given route
    • Two packets with the same source and destination may take different routes


Internet Protocol (IP)

IPv4 header

  • Version (4 bits)
  • Header Length (4 bits)
  • Type of Service (6 bits)
  • ECN (2 bits)
  • Total Length (16 bits)
  • Identification (16 bits)
  • Flags (3 bits)
  • Fragment Offset (13 bits)
  • Time to Live (8 bits)
  • Protocol (8 bits)
  • Header Checksum (16 bits)
  • Source Address (32 bits)
  • Destination Address (32 bits)
  • Options (variable length)
  • Data (variable length)

  • Internet Protocol (IP): The universal layer-3 protocol that all devices use to transmit data over the Internet
  • IP address: An address that identifies a device on the Internet
    • IPv4 is 32 bits, typically written as 4 decimal octets, e.g. 35.163.72.93
    • IPv6 is 128 bits, typically written as 8 groups of 2 hex bytes: 2607:f140:8801::1:23
      • If digits or groups are missing, fill with 0’s, so 2607:f140:8801:0000:0000:0000:0001:0023
    • Globally unique from any single perspective
      • For now, you can think of them as just being globally unique
    • IP addresses help nodes make decisions on where to forward the packet


Reliability

  • Reliability ensures that packets are received correctly or, if random errors occur, not at all
    • This is implemented with a checksum
    • However, there is no cryptographic MAC, so there are no guarantees if an attacker modifies packets
  • IP is unreliable and only provides a best effort delivery service, which means:
    • Packets may be lost (“dropped”)
    • Packets may be corrupted
    • Packets may be delivered out of order
  • It is up to higher level protocols to ensure that the connection is reliable
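
The difference between a checksum and a cryptographic MAC, as an added example (not part of the original lecture). The checksum catches a random bit error, but it has no key, so any device that changes the header can recompute it, which is exactly what a router does when it decrements the TTL. The header values, the key and the function names are constructed for illustration.

```python
import hashlib
import hmac
import socket
import struct

def internet_checksum(header: bytes) -> int:
    """Ones'-complement sum of the header's 16-bit words (RFC 1071)."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:                       # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def set_checksum(header: bytes) -> bytes:
    """Zero the checksum field (bytes 10-11), then store the fresh value."""
    zeroed = header[:10] + b"\x00\x00" + header[12:]
    return zeroed[:10] + struct.pack("!H", internet_checksum(zeroed)) + zeroed[12:]

def build_ipv4_header(src: str, dst: str, payload_len: int, ttl: int = 64) -> bytes:
    """20-byte header, no options, protocol 6 (TCP); ID and flags are constructed."""
    raw = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0x1C46, 0x4000,
                      ttl, 6, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return set_checksum(raw)

def header_is_valid(header: bytes) -> bool:
    """Receiver check: summing the header, checksum included, yields 0."""
    return internet_checksum(header) == 0

def flip_bit(data: bytes, bit: int) -> bytes:
    out = bytearray(data)
    out[bit // 8] ^= 0x80 >> (bit % 8)
    return bytes(out)

def forward(header: bytes) -> bytes:
    """Router step: decrement TTL (byte 8) and recompute the keyless checksum."""
    return set_checksum(header[:8] + bytes([header[8] - 1]) + header[9:])

def mac_tag(key: bytes, data: bytes) -> bytes:
    """Keyed tag (HMAC-SHA256): the kind of MAC the IP header does not carry."""
    return hmac.new(key, data, hashlib.sha256).digest()

def demo() -> dict:
    header, key = build_ipv4_header("1.2.3.4", "5.6.7.8", 18), b"constructed key"
    changed = forward(header)
    same_tag = hmac.compare_digest(mac_tag(key, header), mac_tag(key, changed))
    return {"intact": header_is_valid(header),
            "bit_error": header_is_valid(flip_bit(header, 70)),  # error in the TTL byte
            "changed_and_recomputed": header_is_valid(changed),
            "tag_matches_after_change": same_tag}

print(demo())
```

The changed header passes the checksum but no longer matches the keyed tag, and producing a matching tag would require the key.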


Layer 3: Network Layer

[Diagram: A sends a packet labelled Source: A, Destination: D, “Hello, this is A…” through a network of routers connecting A, B, C, D and E]

Layer 3: “How do I get this packet from A to D?”

Next: How do we reliably send any length of data, not just packets?


Layer 4: Transport Layer

  • Provides: Transportation of variable-length data from any point to any other point
    • Relies upon: Sending packets from any device to any other device
    • Builds abstractions that are useful to applications on top of layer 3 packets
  • Useful abstractions
    • Reliability: Transmit data reliably, in order
    • Ports: Provide multiple “addresses” per real IP address
  • Examples
    • TCP: Provides reliability and ports
    • UDP: Provides ports, but no reliability

[Diagram: A sends D a message across the “Unreliable Internet”: “I am now sending an arbitrary length message that will probably be broken into several packets…”]

Layer 4: “How do I transport this arbitrary data over an unreliable medium?”


Layer 7: Application Layer

  • Provides: Applications and services to users!
    • Relies upon: Transportation of variable-length data from any point to any other point
  • Every online application is Layer 7
    • Web browsing
    • Online video games
    • Messaging services
    • Video calls (Zoom)


Layers of Abstraction and Headers

  • As you move to lower layers, you wrap additional headers around the message
  • As you move to higher layers, you peel off headers around the message
  • When sending a message we go from the highest to the lowest layer
  • When receiving a message we go from the lowest to highest layer


Example: HTTP Request

[Diagram sequence: the sender and the receiver each have the stack HTTP, TCP, IP, Ethernet, Wires. The message moves down the sender's stack and up the receiver's stack.]

Sender, moving down the stack:

  • HTTP: GET / HTTP/1.1 ...
  • TCP adds: From: Port 1234, To: Port 80
  • IP adds: From: 1.2.3.4, To: 5.6.7.8
    • Final destination
  • Ethernet adds: From: 20:61:84:3a:a9:52, To: 6d:36:ff:4a:32:92
    • Address of next hop
  • Wires: Converted into bits and transmitted

Receiver, moving up the stack:

  • Wires: Received over the physical medium
  • Ethernet: From: 89:8d:33:25:47:24, To: d5:a9:20:68:e0:80
    • Notice: The MAC addresses changed because the recipient is on a different network
  • IP: From: 1.2.3.4, To: 5.6.7.8
  • TCP: From: Port 1234, To: Port 80
  • HTTP: GET / HTTP/1.1 ...

What each layer relies upon and provides:

  • HTTP relies upon: Transport of data
  • TCP provides: Transport of data
  • TCP relies upon: Global packet delivery
  • IP provides: Global packet delivery
  • IP relies upon: Local frame delivery
  • Ethernet provides: Local frame delivery
  • Ethernet relies upon: Communication of bits
  • Wires provide: Communication of bits
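
The HTTP request walk-through above, as an added example (not part of the original lecture): each layer wraps the one above it, a router swaps only the Ethernet header, and the receiver peels the headers in reverse. The addresses and ports are the lecture's; the Host header, the function names and the zeroed checksum, sequence and ID fields are assumptions, since this example shows nesting only.

```python
import ipaddress
import struct

HTTP_REQUEST = b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"  # Host header is constructed

def mac_bytes(text: str) -> bytes:
    return bytes.fromhex(text.replace(":", ""))

def mac_text(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)

def tcp_segment(sport: int, dport: int, data: bytes) -> bytes:
    # 20-byte TCP header: ports, seq, ack, data offset 5 words, PSH|ACK, window,
    # checksum (left 0 in this example), urgent pointer
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 65535, 0, 0) + data

def ip_packet(src: str, dst: str, segment: bytes) -> bytes:
    # 20-byte IPv4 header: version 4, IHL 5 words, TTL 64, protocol 6 (TCP), checksum left 0
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0, 0, 64, 6, 0,
                       ipaddress.IPv4Address(src).packed,
                       ipaddress.IPv4Address(dst).packed) + segment

def ethernet_frame(src_mac: str, dst_mac: str, packet: bytes) -> bytes:
    # Wire order is destination, source, EtherType (0x0800 = IPv4); no VLAN tag here
    return mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", 0x0800) + packet

def next_hop(frame: bytes, src_mac: str, dst_mac: str) -> bytes:
    """Router step: drop the old Ethernet header, wrap the same IP packet in a new one."""
    return ethernet_frame(src_mac, dst_mac, frame[14:])

def decapsulate(frame: bytes) -> dict:
    """Receiver side: peel Ethernet, then IP, then TCP, leaving the application data."""
    packet = frame[14:]
    segment = packet[(packet[0] & 0x0F) * 4:]          # skip IHL * 4 header bytes
    sport, dport = struct.unpack("!HH", segment[:4])
    return {
        "dst_mac": mac_text(frame[0:6]), "src_mac": mac_text(frame[6:12]),
        "src_ip": str(ipaddress.IPv4Address(packet[12:16])),
        "dst_ip": str(ipaddress.IPv4Address(packet[16:20])),
        "sport": sport, "dport": dport,
        "data": segment[(segment[12] >> 4) * 4:],       # skip data offset * 4 bytes
    }

sent = ethernet_frame("20:61:84:3a:a9:52", "6d:36:ff:4a:32:92",
                      ip_packet("1.2.3.4", "5.6.7.8", tcp_segment(1234, 80, HTTP_REQUEST)))
received = next_hop(sent, "89:8d:33:25:47:24", "d5:a9:20:68:e0:80")
for label, frame in (("sent", sent), ("received", received)):
    print(label, decapsulate(frame))
```

At the receiver, the Ethernet source address identifies the last hop rather than the original sender; only the IP addresses and ports are the same at both ends.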


Intro to Networking: Summary

  • Internet: A global network of computers
    • Protocols: Agreed-upon systems of communication
  • OSI model: A layered model of protocols
    • Layer 1: Communication of bits
    • Layer 2: Local frame delivery
      • Ethernet: The most common Layer 2 protocol
      • MAC addresses: 6-byte addressing system used by Ethernet
    • Layer 3: Global packet delivery
      • IP: The universal Layer 3 protocol
      • IP addresses: 4-byte (or 16-byte) addressing system used by IP
    • Layer 4: Transport of data (more on this next time)
    • Layer 7: Applications and services (the web)
