Lecture 4: 15th October 2019 Flashcards

Design considerations of protocols and systems

1
Q

What is the hourglass model?

A

The modelling of protocols that operate the Internet, with IP being the only internetworking layer protocol that exists, forming its “waist” in the middle.

2
Q

What are the advantages of IP being the only interworking protocol?

A

allows for heterogeneity by abstracting the lower layers; easy to develop for - only 1 interface; simple service, provisioning, and maintenance; common functionality

3
Q

What is opex?

A

operational expenditure = maintenance, wages, office rental

4
Q

What is capex?

A

capital expenditure = one-time costs such as buying a server or datacentre warehouse

5
Q

What functionality is added to the interworking layer?

A

multicast transmissions, QoS, VoIP, etc

6
Q

What are the consequences of adding functionality to the interworking layer?

A

increased complexity, number of service interfaces, maintenance overhead, and reduced interoperability

7
Q

What are the two choices for interworking protocols and the differences between them?

A

IPv4 and IPv6. v4 fully deployed, v6 partially. v6 uses 128 bit addresses vs 32 bit in v4. v6 supports QoS.

8
Q

What is IPSec?

A

IPSec = IP security = a suite of protocols that provide data authentication, integrity, and confidentiality across an IP network - in IP packets.

9
Q

What is tunneling?

A

A tunneling protocol is a communications protocol that allows for the movement of data from one network to another. It involves allowing private network communications to be sent across a public network (such as the Internet) through a process called encapsulation. It can be done with encryption.

Can be one protocol over another (IPv6 over IPv4 if IPv6 unavailable from ISP) or for security with a VPN.

10
Q

What does it mean to say that there is a break and mismatch in the waist of the hourglass model?

A

There is a break in the end-to-end principle of the Internet caused by NAT and ALGs such as middleboxes

11
Q

What are ALGs?

A

ALG = Application-Level Gateway = a conceptual network security component that is implemented by a firewall proxy server that augments a firewall or NAT employed in a computer network to improve the network’s security.

ALGs map between different protocols implementing the same functionality, e.g. a company’s internal email service to external SMTP servers.

12
Q

What is NAT?

A

Network address translation = a technique that maps multiple local IP addresses on a local network to one or more global IP addresses that send, receive, and route the traffic of the local addresses to and from the Internet.

13
Q

What are middleboxes?

A

An intermediary networking device that performs functions other than the normal functions of a router on IP packets between their sender and receiver.

14
Q

What is the end-to-end principle of the Internet?

A

A design concept in computer networking that specifies that application-specific features reside solely in the communicating end nodes of the network, and not in intermediary nodes, such as gateways and routers, that exist to establish the connection.

15
Q

How do middleboxes break the end-to-end principle?

A

They can perform application-specific functionality outside of the hosts at each endpoint.

16
Q

What are the problems with IPv6?

A

slow deployment rate; problems interoperating with v4 => forced to change network and app interfaces; doubles maintenance; increases use of tunneling (e.g. to get v6 or v6 features over v4 if ISP doesn’t provide directly)

17
Q

What are the differences between the common services at the core IP network and transport layer?

A

Common services in the core network for IP:
– Connectionless, packet/datagram service.
– Packet forwarding.
– Routing.
– No end-to-end state to avoid “fate-sharing”.

Transport layer common services with TCP:
– Reliable, ordered byte-stream for applications.
– Flow control for receiver.
– Congestion control for network.
– Can survive network faults/route changes

18
Q

How is UDP seen today, particularly with QUIC?

A

UDP seen as an “interface on to IP”. The official position for QUIC is that UDP is not a transport protocol. It’s debated, but some people see it as a mix between a transport and session protocol.

19
Q

Why does keeping to the end-to-end principle make it hard to implement security and privacy?

A

It’s hard to decide which layer should implement security and privacy. Can’t be the network layer, as not all comms need secure transfer. The app layer would seem best as it knows from its state whether to encrypt. So it would encrypt a stream to the transport layer (via session where applicable). But the app layer needs to use IP addresses which can easily be used to identify and locate users, resulting in a loss of privacy.

20
Q

What is the plane model?

A

A central part of SDN, the modelling of different network functions as being in separate “planes”; the three planes are the data plane (routing), control plane (making routing tables), and management (device config, maintenance, and monitoring) plane. The management plane is the least important.

21
Q

What is the data plane?

A

The parts of a computer network responsible for moving user traffic to its next hop along its path, according to logic and instructions from the control plane, which decides where traffic is sent (i.e. paths and next hops).

22
Q

What is the data plane aka?

A

user plane and forwarding plane

23
Q

What is the control plane?

A

The parts of a computer network responsible for deciding where traffic is sent. It defines routing and forwarding tables and the network topology. The routing tables it defines are used by the data plane to move packets to their next hop.

24
Q

What is the control plane aka?

A

signaling plane

25
Q

What is the management plane?

A

The parts of a computer network responsible for maintaining, configuring, and monitoring all the devices on a network.

26
Q

What is an SDN?

A

SDN = Software-defined networking = an approach to network management that seeks to make networks fast and adaptable. SDN attempts to dissociate the forwarding process of network packets (data plane) from the routing process (control plane). These are the most important of three planes, the other being the management plane.

The control plane dictates the network topology and constructs routing and forwarding tables. The data plane carries out data routing and forwarding: moving packets to their next hop. The management plane maintains, configures, and monitors network devices.

27
Q

What should you consider when designing protocols and systems such as the Internet?

A

Design assuming devices using the network will be heterogeneous (different) and that the network can change in scope: purpose and userbase and scale.

Choose a single, simple approach. Don’t reinvent stuff. Don’t constrain scalability. Consider performance in field sizes, data types, etc. Implement modularity and loose couplings.

Avoid circular dependencies, to avoid bootstrapping problems: services that rely on each other to be in place. Perform real-world tests on anything built - first draft designs rarely work.

28
Q

Why is testing a vital piece of the design of systems?

A

Paper designs rarely work the first time.

29
Q

What is a monotonically increasing function?

A

As x increases, f(x) increases or stays level: doesn’t decrease.

30
Q

What is the Architectural Component Proportionality Law?

A

Essentially as the number of distinct components of an architecture increases, its complexity increases and the probability of making a stable implementation of it decreases.

Complexity(A) = O(w(|A|))
P(stable implementation of A) = O(1 / w(|A|))

w = monotonically increasing function
|A| = number of distinct components in the service delivery path of architecture A.

31
Q

Why does DNS scale and perform well?

A
  • hierarchy: uses a distributed namespace
  • request indirection/redirection: distribute request load throughout the hierarchy
  • caches updates with localised timing to avoid impacting accuracy
  • simple protocol: UDP-based and stateless to avoid TCP overheads

32
Q

Does TCP congestion control violate the end-to-end principle? Why?

A

No, because it is only implemented on end-user devices and isn’t vital network functionality.

33
Q

What should we assess to determine the success of a protocol?

A

Checking it remains scalable and performs well for other unintended uses (e.g. Internet for video not text) and on an unforeseen scale as well as for intended uses and scale. Successful protocols meet their original scale and functions but wildly successful protocols perform well beyond their original purposes and scale.

34
Q

What is RSVP-TE?

A

Resource Reservation Protocol - Traffic Engineering is a control plane protocol extending RSVP to include traffic engineering, which involves using statistics paired with measurements to plan the movement of data on networks ahead of time to improve their efficiency and performance.

35
Q

What are wildly successful protocols?

A

Protocols that perform well in their original purposes and scale and then go on to also perform well in further purposes and at greater scales.

36
Q

What are the issues with the surpassing of the original design constraints of wildly successful protocols?

A

Performance and security problems; creeping functionality; side effects of original design hindering possible future applications; becomes a prominent target for hackers.

37
Q

What are MIME encodings?

A

An Internet standard that extends the format of (originally email message) data to support text in character sets other than ASCII, as well as attachments of audio, video, images, and application programs. They allow people to interpret and read binary data.

38
Q

What is creeping functionality?

A

When you repeatedly add more functionality to a single protocol rather than using different ones to perform new and different functions. The protocol becomes a monolith as a result.

39
Q

Why may you encrypt data at the app layer?

A

Only the app layer knows when to encrypt, based on state. It could tell the transport layer to do so, but encryption in the transport layer would stop middleboxes working as they wouldn’t be able to look at data from lower layers to perform their functionality. You also may not trust services at lower layers to handle encrypting your data.

40
Q

How may it be argued that HTTP is becoming the new waist of the hourglass?

A

May be becoming another waist or the new one in the hourglass model due to the amount of functionality that has been implemented on it. Many protocols moving to be over HTTP, firewalls don’t block it, mature and stable, already deployed and compatible with infrastructure and end-user devices…

41
Q

Why does the use and prevalence of middleboxes impact the design of the Internet?

A

They must be supported by ISPs or customers will go to competitors so are very prevalent; they are hard to change and deploy updates to, leading to ossification.

42
Q

What is Internet ossification?

A

The architecture of the Internet becoming increasingly “set in stone” and unchangeable. From the process of bone generation, in which bone layers are successively laid down.

43
Q

Why do middleboxes contribute to the ossification of the Internet?

A

They are hard to change and deploy changes to, and companies must continue to support them to keep customers. This means Internet infrastructure will continue to support them for as long as they are used (which will be a long time as people will keep them until they break). This means the Internet’s architecture will have to remain the same (or at least compatible) for a long time, resulting in ossification.

44
Q

What is DCCP?

A

Datagram Congestion Control Protocol = a message-oriented transport layer protocol that implemented congestion control mechanisms.

45
Q

What were the issues with DCCP?

A

It was blocked by firewalls so it wasn’t used. This is why people make new services over HTTP.

46
Q

What is MP-TCP?

A

Multi-path TCP = an effort towards enabling a single TCP connection to use multiple flows: IP addresses/network interfaces. A common interface is given to TCP. The aims include better resource utilisation, better throughput and smoother reaction to failures.

47
Q

What were the issues with MP-TCP?

A

Issues with firewall blocking, NAT, and security. Got more success than DCCP due to backing from Apple and the Internet community.

48
Q

What is QUIC?

A

Quick UDP Internet Connections = a new transport layer Internet protocol to improve upon and replace TCP. It’s faster and encrypted-by-default.

49
Q

Why is QUIC more successful than DCCP and MP-TCP?

A

NATs, firewalls, and middleboxes see it as just being UDP, so it isn’t blocked and is supported by legacy technologies.

50
Q

What would encryption at the transport layer do to middleboxes?

A

Encryption in the transport layer would stop middleboxes working as they wouldn’t be able to look at data from lower layers to perform their functionality.

51
Q

What do middleboxes do?

A

Any network action that is not a normal action of an IP router. They manipulate packets and traffic for purposes other than routing and forwarding and implement some other purpose, such as filtering in firewalls for security.

52
Q

What do new services and protocols require to work with applications?

A

A new API. This takes a lot of effort to deploy to and integrate with all your existing devices, especially without a good incentive, so legacy support should be implemented as dual support in the API. Software engineers must understand the new APIs and then convince their managers to use them.

53
Q

How is ILNP similar to QUIC?

A

ILNP looks like IPv6 on the wire in the same way QUIC looks like UDP; this makes them both compatible with devices that handle IPv6 and UDP, respectively, without any further changes.

54
Q

What are the elements to balance when trying to use a new service or protocol with applications?

A

The ability to fulfil the new functionality desired and its compatibility with existing network infrastructure.

55
Q

How does the Internet impact people? Was this in its original scope?

A

It now impacts human rights and lives directly. Involved in freedom of information, expression, thought, speech…

No lol it was just uni email

56
Q

What is the consequence of Internet ossification?

A

Innovation and performance are constrained

57
Q

What are the consequences of centralised ownership of Internet services?

A

reduced utility and privacy as well as commercial self-interest dominating interests of the general population

58
Q

What is the consideration with the size of entities involved with governance and control of the Internet?

A

We need to decide if few, large, well-known commercial entities or many, smaller, diverse but less well-known commercial entities are better to govern the Internet for the interests of the general population.

59
Q

How do commercial interests narrow the focus of R&D?

A

To get funding, you need to involve a commercial interest of a company. So research narrowly focuses on what helps companies - not just everyone in general.