Question catalog (Fragenkatalog) 389.165 Communication Networks 2, 3.0 hours
Please edit and continue sharing via: https://docs.google.com/document/d/1jDVcWMTdC7pxLZEyyc7SRLJT3bhc2hShRhMyh5muLSk/edit?usp=sharing

1 Part 1: Standardization
1.1 What is a standard (definition)? In which areas/domains are there standards? Which two main categories of technical standards are there, how do they differ from each other?
1.2 Why are there standards? Aspects of standardization: What should / could be standardized (software, hardware, interfaces)? Advantages and disadvantages?
1.3 What is meant by innovation, how do standardization and innovation influence each other?
1.4 Explain the concepts "IETF standards tracks" and "maturity levels" and their necessity. Describe the variants presented in the lecture and describe their purpose (e.g., specific examples of how and when they are used in practice). Name several non-standards-track RFC categories and explain their purpose.
1.5 Explain what the following abbreviations stand for and what the main tasks of the corresponding committees are: IANA, IESG, IRSG, RFC Editor.
1.6 What is meant by a 3GPP Release? Explain the structure of a 3GPP document number and the meaning of its component parts.
1.7 IETF: Please describe the activities of the standardization organization in detail:
1.8 ITU: Describe the activities of the standardization organization in detail:
1.9 IEC: Please describe the activities of the standardization organization in detail:
1.10 ISO: Please describe the activities of the standardization organization in detail:
1.11 ETSI: Describe the activities of the standardization organization in detail:
1.12 3GPP: Describe the activities of the standardization organization in detail:
1.13 IEEE: Please describe the activities of the standardization organization in detail:
1.14 Name the specific standardization organization which has released the following (pre-)standard documents, classify them as normative or informative (explain!) and give an overview of their domain of application:

2 Part 2: Switching Technologies and IP
2.1 What does *security by obscurity* mean? Name examples and alternatives. Compare, discuss benefits and drawbacks.
2.2 Metcalfe's law: Present Metcalfe's law and the impact it has in theory and practice on the construction of communication networks.
2.3 What is meant by in-band signalling and out-of-band signalling? Give examples of applications in telecommunications, briefly explain advantages and disadvantages of the methods.
2.4 A fixed telecom operator decides to replace its circuit-switched core network by a VoIP solution while maintaining circuit-switched connectivity in the access (for its customers). Discuss the problems that customers using circuit-switched services might encounter because of the change (hint: some services might no longer work).
2.5 Explain (briefly, possibly with a sketch) the concept of packet switching.
2.6 Explain (briefly, possibly with a sketch) the concept of circuit switching.
2.7 Describe the main advantages and disadvantages of packet switching and circuit switching concerning multimedia communications.
2.8 Compare the position of intelligence and control in transmission and packet-switched networks.
2.9 What can you say about the availability of circuit-switched (telephony) and packet-switched (IP) networks? What is meant by the "five nines"?
2.10 Explain ICMP (v4): What is it used for? Give examples of ICMP (v4) uses and explain how it works. Name the two ICMPv6 message type categories and give examples. Which field (bit) differentiates between the two categories?
2.11 Which functionality has been added in ICMPv6 with respect to ICMPv4?
2.12 IPv4 and IPv6: explain the main reasons for the introduction of IPv6, which severe shortcomings the IPv4 address assignment process suffered from and what consequences this had.
2.13 Which classes of applications now dominate (in terms of volume) the traffic in IP-based networks? For which decisions can or should you use Internet-published statistics as a basis? Which criteria are relevant when selecting the most appropriate statistics?
2.14 Discuss forecasts for the next years with respect to growth of the data volume and connected device count. Which categories of devices are forecast to account for a large amount of traffic?
2.15 What are the main characteristics and innovations of IPv6 compared with IPv4 (high-level benefits)?
2.16 Which header fields of the IPv4 header have been removed in the IPv6 header and which have been newly added? Why?
2.17 List the main IPv6 address types and describe them briefly.
2.18 Why is there no broadcast procedure in IPv6 anymore? Which mechanism replaces IPv4 broadcast in IPv6?
2.19 What are ARP and RARP, what are these protocols used for? Which protocol / functionality replaces ARP and RARP in IPv6?
2.20 How do IETF standards denote the entity that you address by an IPv4 or IPv6 address? What is the physical equivalent (in a computer system)? How many IPv4 addresses and IPv6 addresses are there (approximately)? How many bits are required to store an IPv4 or an IPv6 address?
2.21 What classes of IPv4 addresses have been defined? What problem is associated with classful addressing, how does CIDR work and what is the main advantage of this mechanism? Give an example of an address in CIDR notation.
2.22 Which notations are used for IPv4 and which for IPv6 addresses? Please give at least one example. Why can't we replace more than one contiguous group of zeros in an IPv6 address?
2.23 How is an IPv6 address embedded in a URL? Why?
2.24 Explain briefly "private networks" in the context of IPv4 addressing. What are the advantages and disadvantages of this form of addressing? By which concept have private IPv4 networks been replaced in IPv6?
2.25 Describe the functionality and structure of a "Global Unicast Address" in IPv6.
2.26 Describe the purpose and functionality of the extension headers in IPv6. Give examples of standard IPv6 extension headers or of optional extension headers, and briefly describe their use.
2.27 What features of IPv6 packets allow for more efficient forwarding in routers? Compare the structure of the IPv4 and IPv6 headers with respect to forwarding.
2.28 What does SLAAC stand for? Describe the essential steps of SLAAC in IPv6.
2.29 What risks are associated with IPv6 address auto-configuration and which countermeasures (alternative solutions) do you know?
2.30 How does an IPv4/IPv6 stack decide, for an incoming packet, to which one of the overlying transport protocol stacks the data is to be passed on?
2.31 Briefly describe the need for and principle of fragmentation and re-assembly in IPv4 networks. Compare the fragmentation process of IPv4 and IPv6. Which are the most important modifications in IPv6 fragmentation?

3 Part 3: Transport Layer
3.1 What is the role of the OSI transport layer? Why is it necessary for communication? Which 5-tuple uniquely describes a connection in the Internet protocol stack?
3.2 Briefly describe the main characteristics, advantages, disadvantages and applications of UDP in relation to multimedia communications (signaling and media transmission). Which are the typical uses of UDP in practice?
3.3 Briefly describe the main characteristics, advantages, disadvantages and applications of TCP in terms of multimedia communications (signaling and media transmission). Which are the typical applications of TCP in practice?
3.4 Describe the establishment of a TCP connection. Which information is exchanged during TCP connection establishment between sender and receiver? Why is this effort required? What is a socket in terms of communication networks?
3.5 What is the main cause of the "sawtooth" behaviour in TCP transfer curves? Explain briefly the concepts of Slow Start, Congestion Avoidance, Fast Retransmit and Fast Recovery.
3.6 Which transport protocol is typically used for real-time data transmission? Why? Give the (one) main reason why TCP is not suitable for the transmission of real-time data. Sketch a specific scenario that illustrates the problem case.
3.7 List and explain the design goals of SCTP. Which significant benefits does SCTP offer over TCP?
3.8 SCTP message concepts: What is an SCTP connection called? What are SCTP data flows called? How is an SCTP packet structured (headers, chunks, including properties, examples)? What is the reason for this structure? What is the verification tag good for?
3.9 TCP and SCTP security: draw the sequence diagrams for TCP and for SCTP connection establishment; name the messages that client and server exchange. Explain in detail which characteristics of TCP's connection establishment make servers vulnerable to DoS attacks, how this attack works, which mechanisms SCTP uses to overcome this limitation, and how SCTP's DoS protection works.
3.10 Explain the SCTP association establishment: message sequence, state storage, negotiated parameters.
3.11 Explain SCTP multi-homing. Which features are available in the base configuration, which extensions to multi-homing have been proposed? Explain (benefits, drawbacks).
3.12 Explain SCTP multi-streaming, its benefits and drawbacks (including restrictions within/across streams). Which extensions improve streaming (benefits, drawbacks)?
3.13 Explain SCTP security and flow control (benefits, drawbacks, including special security requirements of SCTP extensions).
3.13.1 Which main features does DCCP provide over UDP? List and explain the DCCP design goals and design non-goals.
3.14 Sketch and explain the high-level DCCP message structure concepts.
3.15 Detail the DCCP messaging principles (synchronization, acknowledgement). Explain the reasons for and operation of 24-bit and 48-bit sequence number support in DCCP.
3.16 Detail the DCCP features and feature negotiation (including mobility, multihoming, congestion control).
3.17 List and discuss the four MPTCP design objectives and typical use cases for MPTCP. In which use cases does MPTCP work well and in which cases does it have performance problems?
3.18 Explain the main benefits and drawbacks of MPTCP over TCP and SCTP.
3.19 Middleboxes: discuss how middleboxes on the path can impact SCTP communications and detail the solutions adopted by MPTCP to overcome these limitations. Which problems can MPTCP-capable endpoints encounter when middleboxes are on their communication path?
3.20 Draw a sequence diagram for MPTCP connection establishment (at least 2 flows). How do the endpoints discover the MPTCP capabilities of the communicating party? How do they discover alternative interfaces and routes?
3.21 MPTCP security and subflows: Is MPTCP subflow handling safe against blind attacks and against man-in-the-middle attacks? Detail! Discuss how an additional subflow is added to an existing MPTCP connection (sequence diagram), and which mechanisms MPTCP uses to prevent hijacking of subflows by attackers.
3.22 MPTCP data handling: Explain how MPTCP handles sequence numbering and window sizes for subflows and for the aggregated data.

4 Part 4: Application Layer
4.1 Describe the two main paradigms of application-layer architectures discussed in the lecture (focus: network topology), name their components, discuss requirements, benefits and challenges from the customer and provider perspective.
4.2 Define the concepts of vertical and horizontal service architectures. Discuss their benefits and drawbacks.
4.3 Name and discuss the four criteria which can be used for transport service classification and selection.
4.4 Which are the four components/extensions which application-layer protocols typically add to transport-layer functionality in terms of syntax and semantics?
4.5 Compare today's application protocols with respect to in-band and out-of-band.
4.6 What are the essential functions of DNS (domain name system)? What were the five main goals in the definition of DNS? How was the functionality of the Internet DNS implemented BEFORE the definition/implementation of DNS?
4.7 Describe the architecture (components) of DNS and the DNS-specific terms.
4.8 How does a DNS client find the first DNS server which is to be contacted for name resolution?
4.9 What is a DNS Resource Record? Detail the RR structure. What is the DNS RR type required for? Specify at least five examples of DNS record types (preferably those that are of importance for SIP-based multimedia communication).
4.10 Two key concepts in the architecture of DNS increase DNS performance to scale for worldwide use. Which are these? Explain the concept of the authoritative NS in this context.
4.11 Which two query strategies are supported by DNS? Sketch one hypothetical query sequence diagram (e.g., for www.google.com) for either of the two strategies and explain benefits and drawbacks from a client and a server perspective.
4.12 Explain the four main sections of a DNS response, their meaning and status (optional, mandatory).
4.13 Why is DNS security so important? Detail possible attacks, their severity and the likelihood of their being detected.
4.14 What does ENUM do, what is it needed for and how is it related to the DNS?
4.15 List and explain the (generic) components required for end-to-end email exchange.
4.16 Sketch a sequence diagram for generic end-to-end email exchange, including all involved parties (DNS), and explain the steps.
4.17 Describe the main concepts, design and functionality of SMTP. Topics: standardization, functionality, which tasks it is used for (and which not), error handling, message format and encoding.
4.18 Detail SMTP security threats and solutions.
4.19 Describe the main concepts, design and functionality of the POP3 protocol. Topics: need for POP3 (why can't we use SMTP instead of POP3?), protocol basics (encoding, architecture), POP3 session states, security issues.
4.20 Detail the IMAP protocol. Topics: protocol, improvements, added functionality and drawbacks of IMAP when compared to POP3.
4.21 Describe the HTTP protocol architecture and concepts. Topics: reasons for the WWW's success, WWW building blocks, standardization, HTTP transport protocols, components and operation.
4.22 Compare persistent HTTP against non-persistent HTTP, benefits and drawbacks from the client and server perspective. Sketch the sequence diagrams for transferring two objects as part of one web page for the two variants, respectively.
4.23 Explain HTTP cookies and caching. Which specific HTTP headers are used for improving cache performance and reducing network transfer?
4.24 Describe the FTP protocol. Topics: architecture, transport protocols, messaging, NAT/firewall troubles and solutions, security issues, alternatives.

5 Part 5: Multimedia Networking and SIP
5.1 What is the main challenge in transferring multimedia content over packet-switched networks? List and explain the three distinct classes of multimedia applications (according to their networking requirements).
5.2 Explain the three main properties (characteristics) of video which have been presented in the lecture. Detail the variants of redundancy which are exploited by modern video codecs and the resulting video bit rates.
5.3 Explain audio coding and sampling. When converting an analog audio signal, which technical parameters influence the quality of the digitized output?
5.4 Which factors and constraints must be considered when replaying audio or video (at variable bit rate and at constant bit rate)? Sketch the corresponding time diagrams.
5.5 Which models exist for quantifying perceived audio signal quality? Which two factors impair the perceived voice quality most? Which standardization organizations have set which limits (give these values)?
5.6 Audio quality estimation differentiates between two types of algorithms. Name these two types and explain benefits and drawbacks.
5.7 Discuss trade-offs, challenges and possible solutions in VoIP communications (focus: adaptive playout adjustment).
5.8 Describe in brief the steps and components which are required to transfer voice over packet-switched IP networks (chain from transmitter to receiver).
5.9 Which transport protocol is used by RTP? Which essential real-time transport information does the RTP header include?
5.10 Given an RTP stream and a network path with a specific delay (100 ms) and loss rate (3%). The RTP stream is sent over the network path and the stream's perceived QoS (pQoS) is then computed at the path egress (exit). Will the pQoS results for two subsequent measurements be identical? Explain!
5.11 What is the function of the jitter buffer in real-time communications? Which benefits and drawbacks are associated with it? Which information in the RTP header is essential for the processing of RTP packets in the jitter buffer?
5.12 Do SIP signalling and RTP media streams follow the same or distinct routes? Why? Who determines the use of intermediate nodes?
5.13 What is the main task of the RTCP protocol? Name and discuss the four functions that RTCP fulfils. Name the RTCP packet types and describe the reason for and function of RTCP rate limiting.
5.14 Name the RTCP packet types and their purpose. Describe and discuss the reason for and function of RTCP rate limiting (including values).
5.15 What is SIP? Explain the key features of SIP. Is SIP sufficient to fully implement phone calls over IP? Which are the transport protocols used by SIP?
5.16 Name and describe the four main functions which SIP performs.
5.17 Name the three SIP server types (based on the storing of state information in SIP servers). Indicate for each of these server types at least one application area.
5.18 Describe the main features of the SIP protocol (message format, encoding, message types). How can one categorize SIP messages according to their type (aligned with HTTP)? Name and explain the status-code-defined classes / categories of reply messages in SIP (similar to HTTP).
5.19 How do the SIP standard documents term a SIP endpoint (terminal)? Which two roles can the terminal have? What is the reason for this strict logical separation?
5.20 Explain the concepts and grouping of SIP-based messaging and communications, i.e., identify and explain the groups of associated messages defined by SIP.
5.21 Describe the process of call setup in SIP in the form of a sequence diagram (requests, responses, message names). What is a SIP address called in the SIP standards? Give an example of a SIP address.
5.22 What are the mechanisms used by SIP to compensate for packet loss? Are INVITE and non-INVITE transactions treated differently with respect to this criterion? Detail your answer and explain.
5.23 Why do we need a SIP registration (i.e., what is a SIP registration required for, which functionality is associated with a SIP registration)?
5.24 How can an existing SIP registration be deleted? Which message is used for this purpose? How can the registration of one single UA be deleted, and how the registrations of all UAs of this specific user?
5.25 Describe the routing process in SIP. Based on what information and how exactly does SIP route initial requests from sender to receiver? What information determines the route of their answers (responses)?
5.26 Which SIP headers support the deterministic routing of subsequent requests in SIP?
5.27 Explain by means of sequence diagrams the different behaviour of the three SIP proxy options discussed in the lecture (and name these three proxy variants).
5.28 Which protocols are typically used together with SIP for multimedia communication? Why?
5.29 What does SDP do? How does SDP enable connection establishment and which role does it play exactly? How is an RTP connection established in SIP? How are the corresponding connection parameters (e.g. codecs) configured?
5.30 Describe the problems and challenges of SIP in the context of NAT. Name and explain NAT variants and the standardized solutions to traverse NATs with SIP.
5.31 Does SIP offer functionality to modify parameters of an already established SIP RTP connection? Justify and describe the mechanisms that prevent or permit the modification.
5.32 How does a SIP device communicate with a device on the PSTN and vice versa? What technical requirements must be fulfilled (signalling, media stream)?

6 Part 6: IMS
6.1 What are the advantages and disadvantages that an "all-IP" infrastructure offers over current communication networks? Identify and compare the main features of the telecom and Internet architectures.
6.2 The migration of telecommunication networks towards All-IP technology changes both the landscape and the roles of players in the telecommunication market. What are the major risks for existing telecom companies?
6.3 What is IMS? Who standardizes IMS? Which other key technologies are standardized by the same organization? Which areas do the IMS-related standards include?
6.4 List the most important IMS architecture components and describe their main tasks, with a focus on SIP proxies and IMS databases.
6.5 Compare IMS with plain IETF SIP, discuss advantages and disadvantages of both approaches.
6.6 By reusing which concept (known from mobile telecommunications) can IMS achieve worldwide availability?
6.7 IMS differentiates between two main topologies depending on the positioning of signalling components in home and foreign networks. Name them. What are the
6.8 Which IMS components are always in the SIP signalling path when routing a SIP message in an IMS network?
6.9 Which components implement services in IMS? Which IMS node integrates these services into the SIP signal flow (through what mechanism)?
6.10 What is meant by IFCs? In which IMS components are they stored? Explain the relationship between IFC, AS and S-CSCF.
6.11 What does identity mean in the context of IMS? Briefly describe the variants/types of identity defined and used in IMS and their application/need. Which components store a user's identity in IMS?
6.12 What is a temporary identity in IMS needed for?
6.13 Name the components of IMS PCC and explain briefly the PCC architecture's functionality. Focus on separation of concerns.
6.14 What are the two essential variants of IMS charging presented in the lecture? What is the difference? Which of the two systems is more demanding from a technical point of view (explain why)?

7 Part 7: H.323, WebRTC, Skype
7.1 Which standardization organization standardizes H.323? What is the purpose of H.323 and which are the related standards it references? Detail.
7.2 Name the H.323-defined entities, sketch their hierarchy and detail their purpose.
7.3 What is ASN.1? Detail the concepts of ASN.1, benefits and drawbacks of using ASN.1 when compared to plain-text protocols.
7.4 Explain H.323 RAS. Which transport protocol does RAS use (explain)? Isolate some main differences when comparing the H.323 RAS procedure (call setup related) against SIP call establishment.
7.5 Explain H.235. What is the scope of H.235 and which aspects of VoIP communication does it cover (name and explain the three aspects)?
7.6 Explain the purpose of H.245, its architectural concepts, and name its main control functions. Which optimizations exist for H.245? Why?
7.7 What is WebRTC and who standardizes it? Name the main functions and features of WebRTC. What is new in the standardization of WebRTC (focus: contributions to the Internet community)?
7.8 Explain the Skype architecture (components, topology, addressing, ...). Which mechanisms help Skype to bypass enterprise firewalls and NATs?

8 Part 8: Measurements and Time
8.1 List and discuss the goals of measurements. Focus on the differentiation (and reference the technical terms) of what and how is to be measured. Which IETF standard builds the basis for IP-based measurements?
8.2 What is a metric as defined by the IP Performance Metrics Framework (definition or in own words, mentioning the definition's key words)? Give at least four examples of metrics that have been defined so far by the IETF.
8.3 List the three classes of metrics that the IP Performance Metrics Framework defines with respect to the sampling procedure. Discuss the difference and their dependence, and give at least one example for each class.
8.4 List the two categories of metrics that the IP Performance Metrics Framework defines with respect to the level of abstraction. Detail the reasons for this separation and give at least one example for each category.
8.5 List and characterize briefly the three main measurement methodologies supported by the IP Performance Metrics Framework and its updating documents. Which other methodologies does IPPM mention?
8.6 Explain the difference between active measurement methods, passive measurement methods, and hybrid measurement methods (of type 1 and type 2).
8.7 Explain the need for the following IP Performance Metrics concepts: packet of type P* and standard-formed packet.
8.8 Define and explain the terms "clock resolution", "clock offset", "clock skew", "clock drift", "accurate clock".
8.9 Which clock properties limit measurement precision in round-trip delay measurements (mention at least two)? Which clock properties determine measurement precision in one-way delay measurements?
8.10 List and discuss benefits and drawbacks of the two main time synchronization variants.
8.11 What is the primary goal of NTP? How does the implementation achieve this goal?
8.12 Which main network characteristic is a prerequisite for correct NTP function?
8.13 Compare scope, applicability, benefits and drawbacks of PTP against those of NTP.
8.14 Define the PTP-defined terms ordinary clock, boundary clock, master clock, grandmaster clock, PTP domain.
8.15 List and discuss the requirements that PTP has with respect to the network and the resulting consequences.
8.16 Explain the basic PTP synchronization sequence using a sequence diagram. Label and explain the message types for this basic PTP sequence.
8.17 Discuss PTP security: standardization status, available (and missing) functionality, challenges and threats.

9 Part 9: Network Simulation
9.1 What is a system (definition)? Which factors define the complexity of a system?
9.2 List the techniques that can be used for system performance evaluation. Discuss their benefits and drawbacks with a focus on level of abstraction, applicability and prerequisites of these techniques. Give examples.
9.3 What is a model? What is the main challenge in defining the model?
What is the main pitfall in re-using someone else's implementation for your own simulations?
9.4 Which two main categories of computer simulations exist? Why? Briefly explain the basic concepts and give examples.
9.5 Define the following terms: entity, system, system state, modelling. Give examples.
9.6 When does a discrete event simulation stop?
9.7 Which are the characteristics of a good performance model? Explain briefly.
9.8 Explain the difference between model validation and model verification.
9.9 Discuss the characteristics of a good simulation model.
9.10 Describe the modelling process steps to obtain a good simulation model.
9.11 Briefly describe the main characteristics of NS-3 (focus, supported simulation model, programming languages), and the entities it supports as part of the system modelling process.

Important Note: This set of questions is not intended to be exhaustive. It should primarily serve as a learning aid in preparing for the oral lecture exam.

Possibly worth skimming: https://vowi.fsinf.at/wiki/Spezial:Materialien/TU_Wien:Multimedia_Kommunikation_VU_(Fabini)

1 Part 1: Standardization
Focus on 3GPP, ITU, IETF

1.1 What is a standard (definition)? In which areas/domains are there standards? Which two main categories of technical standards are there, how do they differ from each other?
Source: CN2-01-Standards, p. 4ff
General perception: rules (social, technical, ...)
● mandatory, recommended, optional, ...
Technical standard (Wikipedia):
● "A technical standard is an established norm or requirement in regard to technical systems. It is usually a formal document that establishes uniform engineering or technical criteria, methods, processes and practices."
● ... "In contrast, a custom, convention, company product, corporate standard, etc. that becomes generally accepted and dominant is often called a de facto standard."
The two main categories are therefore the de jure standard (formally established and published by a standardization body) and the de facto standard (a convention or product that becomes dominant in the market without a formal process).

1.2 Why are there standards?
Aspects of standardization: What should / could be standardized (software, hardware, interfaces)? Advantages and disadvantages?
Why standardization:
● Interoperability: standardized interfaces, simplicity vs. functionality, focus on ease of use: improve customer experience, increase customer count
● Metcalfe's law: the value of a telecommunications network is proportional to the square of the number of connected users
● Interface description: formal, textual
● Innovation vs. standardization: "...creation of better or more effective products, processes, technologies or ideas that are accepted by markets, governments and society", "substantial positive change compared to incremental changes"
● Clearly defined interfaces, unification, unambiguous specification, interoperability, promotion of competition, homogenization
What should/could be standardized: most importantly interfaces, so that parts from different vendors can communicate and work together
Advantages:
● interoperability
● better products
● less risk for a producer (that the product is not accepted by the market) if it abides by a standard
Disadvantages:
● telecommunication standardization is complex
● many standardization organizations
● different standardization processes
● many document types
● big companies push their own developments into the standards

1.3 What is meant by innovation, how do standardization and innovation influence each other?
Standardization processes are slow, so innovation is slowed down too. Most of the time big companies try to standardize their own implementations; small companies don't have the money to do that.

1.4 Explain the concepts "IETF standards tracks" and "maturity levels" and their necessity. Describe the variants presented in the lecture and describe their purpose (e.g., specific examples of how and when they are used in practice). Name several non-standards-track RFC categories and explain their purpose.
IETF = Internet Engineering Task Force
IETF documents:
● RFC (Request for Comments) → standard (format: plain ASCII text, no pictures)
● Internet Draft → preliminary (working) document
IETF standardization process:
● anyone can propose an RFC
● Pre-RFC stage: Internet Draft (anyone can propose one; a draft can be refined in subsequent versions and eventually ends up as an RFC)
● but:
○ drafts are non-archival items
○ expired drafts simply disappear
○ drafts should not be referenced
IETF RFC classification / RFC categories:
○ Standards Track (most important)
■ main IETF standards: protocols, architectures, etc.
■ two maturity levels today (the former middle level, Draft Standard, was eliminated by RFC 6410):
● Proposed Standard
○ entry-level maturity classification after approval as an RFC
○ supposed to be stable and well understood
○ typically no (reference) implementation available
○ "immature specification": validation by implementation
● Draft Standard (eliminated, because of the overlap between the Draft Standard and Internet Standard requirements and the huge effort for advancing along the standards track)
● Internet Standard (Standard)
○ rich implementation and operational experience
○ the protocol or service provides a high benefit to the Internet community
○ Non-Standards-Track
■ Informational: flexible content (from DNS specs to April 1st RFCs)
■ Experimental: doubts whether the presented concept works in practice
■ Best Current Practice (BCP): guidelines, administrative documents
■ Historic: mainly deprecated or obsolete standards
IETF internal organization:
● Areas (domain of research, e.g. Transport Area, Routing Area, ...)
● IETF Working Groups (every WG is assigned to a specific area; active development of standards, applications, protocols, etc.; focus on a specific topic, e.g. SIP)
● Technical administration: Internet Engineering Steering Group (IESG)
● RFC Editor (small group of people at the USC-ISI networking division, in charge of RFC publication, formatting, conformance checking, etc.)
● Internet Research Steering Group (IRSG): focus on the long-term development of the Internet
● Internet Assigned Numbers Authority (IANA): registration, assignment and management of numbers which must be unique worldwide → e.g. IP address ranges, protocol names and numbers, ...

RFC details:
● a published RFC NEVER changes (the IETF does NOT have any versioning mechanism; most other standardization organizations do)
  Pro: a reference to an RFC number is unambiguous
  Con: more difficult to follow the standardization path
● when a bug is found in an RFC → a new RFC is published (which updates or obsoletes the old one)

1.5 Explain what the following abbreviations stand for and what the main tasks of the corresponding committees are: IANA, IESG, IRSG, RFC Editor.
→ see question 1.4 (IETF internal organization)

1.6 What is meant by a 3GPP Release? Explain the structure of a 3GPP document number, and the meaning of its component parts?

3rd Generation Partnership Project (a collaboration of several standardization bodies: ETSI (Europe), ARIB (Japan), CCSA (China), ATIS (US), TTA (Korea), TTC (Japan))
Original goal: specification of a global third-generation mobile network (UMTS, HSPA, GSM, GPRS, EDGE, LTE)

Release concept:
● a release specifies a set of standardized features
  Examples: Release 5 (03/2002) - "All-IP", first IP Multimedia Subsystem release, HSDPA; Release 8 (12/2008) - first LTE release
● Definition: "3GPP uses a system of parallel "releases" - to provide developers with a stable platform for implementation and to allow for the addition of new features required by the market."

Documents:
● Technical Specification (TS, standards)
● Technical Report (TR, "best practice")

3GPP stages (derived from the ITU-T categorization method):
● Stage 1: description of the service from the user's point of view
● Stage 2: logical analysis and information flow on the functional level
● Stage 3: concrete implementation of protocols (mapping of functional elements to physical elements)

Numbering format: TS xx.yyy a.b.c
● xx:
series number
● yyy: specification number within the series
● Example: TS 22.228 → Service requirements for the IMS (IP Multimedia Subsystem) core network
● a → 3GPP release number for values of 3 and above (3 = Release 1999, 4 = Release 4, 5 = Release 5, ...); 1 = presented for information; 2 = presented for approval
● b → major version (incremented on substantial changes)
● c → minor version number (incremented on every change)
● Example: TS 22.228 5.6.0 (Release 5)
● when an error is discovered in a specification, a corrected version of the specification with an incremented version number (b or c) is published; it still belongs to the same release

1.7 IETF: Please describe the activities of the standardization organization in detail:
(a) What does the abbreviation stand for?
(b) Describe the focus of the standardization activities?
(c) Who can participate in the standardization and who may propose standards, detail on the requirements to participate?
(d) How are standards and related documents named?
(e) Describe the standardization process.
(f) What happens when someone discovers an error in a standard belonging to that organization?
(g) Does this standardization organization define versioning mechanisms? Please detail!
→ see 1.4

1.8 ITU: Describe the activities of the standardization organization in detail:
(a) What does the abbreviation stand for?
International Telecommunication Union
(b) Describe the focus of the standardization activities?
Area:
● telecommunications
● networks (wired and wireless)
Main tasks:
● coordinate the shared use of the radio spectrum
● develop and coordinate international standards
(c) Who can participate in the standardization and who may propose standards, detail on the requirements to participate?
Participation in the standardization process is open to ITU members ONLY (access to preliminary documents, membership fees)
(d) How are standards and related documents named?
ITU standards: Recommendations (e.g.
H.323)
ITU-T organization (Study Groups, Working Parties, Questions):
● Working Parties (WP): focus on a specific (broad) standardization topic within a Study Group (SG)
● Questions: research topics to be solved within one WP
Example:
● SG 16: Multimedia terminals, systems and applications
● WP 2/16: Multimedia Platform and Interworking
● Question 5/16: Mobility for Multimedia Systems and Services
The letter of a Recommendation denotes its series, e.g.:
● G → Transmission systems and media, digital systems and networks
● H → Audiovisual and multimedia systems
● T → Terminals for telematic services
(e) Describe the standardization process.
Approval procedure:
● ITU drafts are elaborated and discussed within ITU SGs (Study Groups) and WPs (Working Parties)
● if the draft is considered mature, it is reviewed at a meeting
● on consent, the draft is submitted for approval and gets a final review
● provided that the members have no objections, the draft is approved and becomes a Recommendation
(f) What happens when someone discovers an error in a standard belonging to that organization?
A revised Recommendation is approved; versions are distinguished by year and month of approval → example: H.323 (12/09) was approved in December 2009
(g) Does this standardization organization define versioning mechanisms? Please detail!
Simple versioning mechanism → no dedicated version number; a Recommendation is referenced by its approval date

1.9 IEC: Please describe the activities of the standardization organization in detail:
(a) What does the abbreviation stand for?
International Electrotechnical Commission
(b) Describe the focus of the standardization activities?
Preparation and publication of international standards (also in cooperation with ITU and ISO to ensure interoperability)
● area: electrical, electronic and related technologies
● standardization
● certification
(c) Who can participate in the standardization and who may propose standards, detail on the requirements to participate?
Mainly states (or rather
delegations of them) as participants; the so-called Technical Committees are formed from National Committees (e.g. Austria sends the OVE as its National Committee into the Technical Committee); each country has one vote
(d) How are standards and related documents named?
Categories:
● Normative
  ○ International Standard, Technical Specification
  ○ number range: 60000 - 79999 (example: IEC 61850 - Communication Networks and Systems in Substations)
● Informative (Technical Report, example: IEC/TR 61850-90-5)
(e) Describe the standardization process.
Consensus based - one vote per country. Rest: to do
(f) What happens when someone discovers an error in a standard belonging to that organization?
The major and/or minor revision number is incremented
(g) Does this standardization organization define versioning mechanisms? Please detail!
Major and minor revision (edition) number → e.g. IEC 60950-1 Ed. 2.2. MORE?

1.10 ISO: Please describe the activities of the standardization organization in detail:
(a) What does the abbreviation stand for?
International Organization for Standardization
(b) Describe the focus of the standardization activities?
International standards (covering many different areas, e.g. food safety, computers, agriculture, healthcare, ...); cooperation with ITU and IEC (International Electrotechnical Commission) to ensure interoperability
(c) Who can participate in the standardization and who may propose standards, detail on the requirements to participate?
Mainly states or their delegations. ISO membership categories:
● Member bodies (national standardization bodies, representing states)
● Correspondent members (states without their own standardization body)
● Subscriber members (small states that pay a reduced membership fee)
(d) How are standards and related documents named?
e.g. ISO 9001:2008
(e) Describe the standardization process.
Procedure:
● Proposal stage (a new standard is proposed to the technical committee)
● Preparatory stage (a working group of experts discusses the topic and prepares a working draft)
● Committee stage (the first working draft is submitted to the technical committee)
● Enquiry stage (the draft is circulated to all ISO national members, whose task is to comment on it)
● Approval stage (the final draft is circulated to all ISO members → if the standard is accepted by vote, it is published)
● Publication stage
(f) What happens when someone discovers an error in a standard belonging to that organization?
Versioning via the year → see the next question
(g) Does this standardization organization define versioning mechanisms? Please detail!
The document is tagged with the year, e.g. ISO 9001:2008 Quality management systems - Requirements

1.11 ETSI: Describe the activities of the standardization organization in detail:
(a) What does the abbreviation stand for?
European Telecommunications Standards Institute
(b) Describe the focus of the standardization activities?
● actual goal: coordination and creation of European standards, aiming at homogeneity in the European telecom sector
● additionally: creation of global/worldwide standards
● biggest achievements in global standardization:
  ○ GSM (Global System for Mobile Communications)
  ○ UMTS (Universal Mobile Telecommunications System)
ETSI structure:
● General Assembly: highest decision-making authority
● Board: executive body of the General Assembly
● Technical Bodies (Technical Committees, Special Committees, Projects, Partnership Projects)
● Secretariat
(c) Who can participate in the standardization and who may propose standards, detail on the requirements to participate?
Only ETSI members can propose new standards; at least four members must back a proposal for a new standard.
(d) How are standards and related documents named?
ETSI document categories (all standards are available free of charge):
● ETSI Standard (ES) → global standard
● European Standard (EN) → standard on the European level
● ETSI Technical Specification (TS) → short time-to-market, possibly a preliminary stage of an ES/EG/EN
● ETSI Guide (EG) → guidance document of global importance
● ETSI Technical Report (TR) → like TS
● ETSI Special Report (SR) → like TS
● ETSI Group Specification (GS)
(e) Describe the standardization process.
"A proposal to start an item of work, such as to create a new standard or to update an existing one, needs the agreement of just four members of ETSI. Our entire membership is given the opportunity to endorse the proposal, or to object to it if they so wish. This ensures that all of our work serves the broad ICT community." Proposals may come from:
● individual members of ETSI
● the European Commission (EC) or the European Free Trade Association (EFTA)
(f) What happens when someone discovers an error in a standard belonging to that organization?
A new version of the standard is published (after approval by the responsible bodies)
(g) Does this standardization organization define versioning mechanisms? Please detail!
A complex number-based versioning system is used (the same as for 3GPP). Example: ES 282 001 V2.0.0 (2008-03)

1.12 3GPP: Describe the activities of the standardization organization in detail:
(a) What does the abbreviation stand for?
(b) Describe the focus of the standardization activities?
(c) Who can participate in the standardization and who may propose standards, detail on the requirements to participate?
(d) How are standards and related documents named?
(e) Describe the standardization process.
(f) What happens when someone discovers an error in a standard belonging to that organization?
(g) Does this standardization organization define versioning mechanisms? Please detail!
→ see question 1.6

1.13 IEEE: Please describe the activities of the standardization organization in detail:
(a) What does the abbreviation stand for?
Institute of Electrical and Electronics Engineers
(b) Describe the focus of the standardization activities?
● standardization (one of the most important standardization organizations → Ethernet and WLAN standards (802.3 - wired, 802.11 - wireless))
● publication (IEEE Xplore, journals, conferences; produces about a third of all publications worldwide in its fields)
(c) Who can participate in the standardization and who may propose standards, detail on the requirements to participate?
Membership:
● individuals/professionals with an individual membership, or
● corporate membership: for companies in which standards play a major role in research
BUT: membership is not mandatory for participation
(d) How are standards and related documents named?
A number per division/area → 802 → LAN/MAN; the second part is the specialization: 802.11 → wireless LAN
(e) Describe the standardization process.
Source: https://standards.ieee.org/develop/process.html
(f) What happens when someone discovers an error in a standard belonging to that organization?
The standard is revised
(g) Does this standardization organization define versioning mechanisms? Please detail!
See (d)

1.14 Name the specific standardization organization which has released the following (pre-) standard documents, classify them as normative and informative (explain!)
and give an overview of their domain of application:
● T.38: ITU-T Recommendation for fax over IP, i.e. the transmission of fax documents over IP networks; classified here as informative
● TS 23.228: 3GPP Technical Specification for the IP Multimedia Subsystem (TS = standard, normative)
● RFC 3261: the SIP standard from the IETF, normative (Standards Track)
● IEC/TR 61850-90-5: IEC Technical Report, communication networks and systems for power utility automation (a Technical Report is informative, see 1.9)
● H.323: ITU-T Recommendation for packet-based (IP) multimedia communication systems, i.e. VoIP signalling
● G.721: ITU-T standard for Adaptive Differential Pulse Code Modulation (ADPCM) speech coding
● ISO 9001:2008: ISO standard, quality management systems - requirements
● ES 22.228: (no answer)
● draft-ietf-ippm-rfc2330-update: IETF Internet Draft, i.e. a working document and not a standard (see 1.4)
● C37.118: IEEE Standard for Synchrophasor Measurements for Power Systems

2 Part 2: Switching Technologies and IP

2.1 What does *security by obscurity* mean? Name examples and alternatives. Compare, discuss benefits and drawbacks.

Security through secrecy. A principle in computer and network security: it tries to ensure the security of a system or a procedure by keeping its inner workings secret.
Examples:
● the key under the doormat
● giving out misinformation: changing the regular response to incoming connections, e.g. the names or version numbers of the programs, to make attackers believe a different, uninteresting piece of software is running. Honeypots use this technique as well.
● using an encoding (reversible without any key) instead of encryption to hide data
Security that relies exclusively on the secrecy or obfuscation of the procedure has often turned out to be insufficient. As a supplement to existing security concepts, obfuscation can nevertheless be effective, e.g. against automated attacks.
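The third example above (encoding instead of encryption) in code, added here as an illustration and not part of the questionnaire. obscure()/deobscure() "hide" data with ROT13 and base64: there is no secret, so anyone who recognises the scheme reverses it. encrypt()/decrypt() use a fully public algorithm whose security rests only on the key, which is the alternative the page calls "security by design". The keystream construction (HMAC-SHA256 in counter mode) is an assumed illustrative stand-in for a real cipher such as AES-GCM; it has no integrity protection and is not meant for production use.

```python
"""Encoding versus keyed encryption (added example, not from the questionnaire)."""
import base64
import codecs
import hashlib
import hmac
import os


def obscure(data: bytes) -> bytes:
    """'Security by obscurity': ROT13 then base64.  No key is involved."""
    rotated = codecs.encode(data.decode("latin-1"), "rot13").encode("latin-1")
    return base64.b64encode(rotated)


def deobscure(blob: bytes) -> bytes:
    """Anyone who knows (or guesses) the scheme undoes it without any secret."""
    rotated = base64.b64decode(blob)
    return codecs.encode(rotated.decode("latin-1"), "rot13").encode("latin-1")


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Illustrative counter-mode keystream: block_i = HMAC-SHA256(key, nonce || i).
    Assumed stand-in for a real stream cipher; the algorithm itself is public."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Returns nonce || ciphertext.  Everything except the key may be published."""
    nonce = os.urandom(16)
    ks = _keystream(key, nonce, len(plaintext))
    return nonce + bytes(p ^ k for p, k in zip(plaintext, ks))


def decrypt(key: bytes, blob: bytes) -> bytes:
    """Without the right key the result is noise, even though the algorithm is known."""
    nonce, ciphertext = blob[:16], blob[16:]
    ks = _keystream(key, nonce, len(ciphertext))
    return bytes(c ^ k for c, k in zip(ciphertext, ks))


if __name__ == "__main__":
    secret = b"db password: hunter2"          # constructed sample data
    assert deobscure(obscure(secret)) == secret          # recovered with no key at all
    key = os.urandom(32)
    box = encrypt(key, secret)
    assert decrypt(key, box) == secret
    assert decrypt(os.urandom(32), box) != secret        # wrong key -> garbage
    print("encoding is not a control; only the keyed construction resists a known algorithm")
```

The point of the comparison: a reviewer who sees base64 or ROT13 in a "protection" path should treat it as plaintext, because the scheme's secrecy is the only thing standing between an attacker and the data, and schemes do not stay secret.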
Alternative: open source / open standard: everyone can inspect how it works (and find errors), and the implementation is freely available
● Advantages:
  ○ a broad audience can find errors
  ○ help/ideas/approaches for problems can come from anyone, not only from a single company that handles everything internally
  ○ security must come from the design and not from secrecy
● Disadvantages:
  ○ errors that are found do not have to be made public
  ○ support is usually limited

2.2 Metcalfe's law: Present Metcalfe's law and the impact it has in theory and practice in the construction of communication networks.

A rule of thumb for the cost-to-benefit ratio of communication systems. It assumes that the benefit of a communication system grows proportionally to the number of possible connections between participants (n(n-1)/2 for n participants, i.e. roughly the square of the number of participants), while the cost only grows proportionally to the number of participants (graph: http://de.wikipedia.org/wiki/Metcalfesches_Gesetz#/media/File:Network_effect.png). It can also be illustrated with telephones: a single telephone is useless. But with every additional device in the network the possibilities for interaction increase, since the number of possible received and sent calls grows.

2.3 What is meant by in-band signalling and out-of-band signalling? Give examples of applications in telecommunications, briefly explain advantages and disadvantages of the methods.

In-band signalling means sending metadata and control information in the same band or channel that is also used for the voice/user data, so it can be heard by the communicating parties; with out-of-band signalling it cannot be heard, because a separate channel is used for the control information. The security consequence of in-band signalling is that whoever can put user data on the channel can, in principle, also inject control information, so the receiver has to distinguish the two reliably (escaping/filtering); out-of-band signalling separates them by construction, at the cost of a second channel.
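The in-band problem described above, as an added example that is not part of the questionnaire. A toy link protocol (names and byte values are assumptions for this example) carries user data and control commands on one byte stream; a command is the marker byte ESC followed by a command byte. A sender that copies user data into the stream unchanged lets whoever controls that data, e.g. the payload of a received packet that is echoed back, hang up the call. Byte stuffing (doubling every ESC inside user data) closes the hole; the out-of-band variant never had it, because control and data do not share a channel.

```python
"""In-band signalling: command injection through user data, and the two fixes
(escaping, or a separate control channel).  Added example, not from the page."""
ESC = 0x1B               # assumed in-band control marker
CMD_HANGUP = ord("H")    # assumed command: tear down the call


def naive_inband_send(user_data: bytes) -> bytes:
    """Vulnerable: user data goes onto the shared channel as-is."""
    return user_data


def stuffed_inband_send(user_data: bytes) -> bytes:
    """Hardened: every ESC in user data is doubled, so it can never be read as a command."""
    return user_data.replace(bytes([ESC]), bytes([ESC, ESC]))


def inband_control(cmd: int) -> bytes:
    """How the sender legitimately signals a command on the same channel."""
    return bytes([ESC, cmd])


def inband_receive(stream: bytes):
    """Receiver side of the in-band channel: returns (user_data, commands).
    ESC ESC is a literal ESC byte; ESC x is command x."""
    data, commands, i = bytearray(), [], 0
    while i < len(stream):
        b = stream[i]
        if b == ESC:
            if i + 1 >= len(stream):
                raise ValueError("truncated control sequence")
            nxt = stream[i + 1]
            if nxt == ESC:
                data.append(ESC)
            else:
                commands.append(nxt)
            i += 2
        else:
            data.append(b)
            i += 1
    return bytes(data), commands


def outofband_receive(data_channel: bytes, control_channel: bytes):
    """Out-of-band: two independent channels.  Data is opaque; only the control channel is parsed."""
    return data_channel, list(control_channel)


# Constructed attacker payload: ordinary-looking data that embeds ESC 'H'.
ATTACK = b"hello " + bytes([ESC, CMD_HANGUP]) + b" world"


def demo():
    """Returns (commands seen by the naive receiver, data and commands seen after stuffing,
    commands seen out-of-band) for the same attacker-controlled user data."""
    naive_data, naive_cmds = inband_receive(naive_inband_send(ATTACK))
    safe_data, safe_cmds = inband_receive(stuffed_inband_send(ATTACK))
    oob_data, oob_cmds = outofband_receive(ATTACK, b"")
    return naive_cmds, safe_data, safe_cmds, oob_cmds


if __name__ == "__main__":
    naive_cmds, safe_data, safe_cmds, oob_cmds = demo()
    print("naive in-band: attacker executed", naive_cmds)        # [72] -> call torn down
    print("stuffed in-band:", safe_cmds, safe_data == ATTACK)    # [] True
    print("out-of-band:", oob_cmds)                              # []
```

Note that the hardened in-band variant is only as good as the receiver's parser: a second implementation that forgets the ESC ESC rule reintroduces the injection, which is why out-of-band control is the more robust design where a second channel is affordable.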
Examples:
In-band signalling: analog telephony (e.g. DTMF dialling tones on the voice channel)
Out-of-band signalling: digital telephony (e.g. the ISDN D channel, SS7), data networks

2.4 A fixed telecom operator decides to replace his circuit-switched core network by a VoIP solution while maintaining circuit-switched connectivity in the access (for his customers). Discuss the problems that customers using circuit-switched services might encounter because of the change (hint: some services might no longer work).

● QoS can no longer be guaranteed
● errors introduced by ADC/DAC conversion; delays caused by IP
● analog modems and fax no longer work: the highly compressive voice codecs may destroy the modem signal, which cannot be reconstructed
● services that use ISDN channel bundling: the channels are no longer aligned (adaptive jitter buffer)

2.5 Explain (briefly, possibly with sketch) the concept of packet switching
● switched logical connection
● asynchronous or synchronous (real time)
● different or equal bit rate at each end
● variable end-to-end delay
● shared use of the physical link

2.6 Explain (briefly, possibly with sketch) the concept of circuit switching
● switched physical connection
● isochronous
● equal bit rate at each end
● constant end-to-end delay
● exclusive use of the physical link

2.7 Describe the main advantages and disadvantages of packet switching and circuit switching concerning multimedia communications.
Packet switching:
● Advantages:
  ○ optimizes network utilization
  ○ tolerates component failures - re-routing over an alternative path
  ○ flexible capacity allocation
  ○ distributed control
● Disadvantages:
  ○ shared resources: no QoS guarantee, variable delay and throughput, ...
  ○ complexity (buffering)
  ○ overhead from packet headers
● typical: billing by data volume
Circuit switching:
● Advantages:
  ○ exclusive use of resources
  ○ guaranteed QoS: constant delay and bit rate
  ○ optimal use of the network: no packet headers
  ○ deterministic behaviour
  ○ centralized control
● Disadvantages:
  ○ waste of resources (reserved capacity stays unused while the connection is idle)
  ○ faulty components lead to a faulty connection
  ○ setting up the connection causes additional delay
● typical: billing by time of use

2.8 Compare the position of intelligence and control in transmission and packet-switched networks.

Circuit switching: the exchanges (switching centres) are responsible for switching the connection; control of the data flow lies in the exchanges; the intelligence is located in the exchanges.
Packet switching: the intelligence is in the end devices, which process the packets (the packets must contain the correct headers, address information etc., and must be re-ordered and reassembled at the receiver); the intermediate nodes simply forward the packets according to the address information.

2.9 What can you say about the availability of circuit-switched (telephony) and packet switched (IP) networks? What is meant by the "five nines"?

In my opinion:
● Telephony: availability depends on the availability of the components along the circuit path (or of the network in general).
● IP: availability is independent of individual components; on a failure, re-routing takes place, which causes delay.
Five nines: 99.999% availability of a service (at most 5.26 minutes of downtime per year).
● Circuit switching has an availability of 99.999% ("carrier class" equipment and specifications); circuit switching has higher availability than packet switching
● Packet switching: "carrier class", business and consumer equipment are used in a mix; the backbone target is an availability of > 99.99%, local networks have an availability of > 99%

2.10 Explain ICMP (v4): What it is used for? Give examples of ICMP (v4) uses and explain how it works. Name the two ICMPv6 message type categories and give examples. Which field (bit) differentiates between the two categories?

Internet Control Message Protocol.
● transport of control and status information
● error, diagnostic or control messages
● no application addressable at a well-known port (ICMP is IP protocol number 1; there are no ports)
● typically implemented in the OS / IP stack
● NOT used to exchange data between applications
Examples: port unreachable, host unreachable, ...; ICMP echo (ping, traceroute)
How it works: see CN2-02IP, pp. 83, 84
ICMPv6 message types: the categories are distinguished by the highest (8th) bit of the Type field:
● Error messages (types 0-127, high bit 0)
● Informational messages (types 128-255, high bit 1)
Examples of ICMPv6 message types:
● Destination Unreachable (1)
● Packet Too Big (2)
● Echo Request (128) - ping
● Echo Reply (129) - ping answer
● Router Solicitation (133)
● Router Advertisement (134)
● Neighbor Solicitation (135)
● Neighbor Advertisement (136)
● Redirect (137)

2.11 Which functionality has been added in ICMPv6 wrt ICMPv4?

CN2-02-IP.pdf - p. 120
● Neighbour Discovery (ND):
  ○ protocol to find out/update which neighbours are on the link
  ○ replacement for the Address Resolution Protocol (ARP) / Reverse Address Resolution Protocol (RARP)
● Multicast Listener Discovery (MLD)
  ○ replacement for IGMP (Internet Group Management Protocol)
● Router Renumbering
● Mobile IPv6 support

2.12 IPv4 and IPv6: explain the main reasons for the introduction of IPv6, which severe shortcomings the IPv4 address assignment process suffered from and what consequences this had.

● IPv4 addresses are running out
● address classes → the classes were abolished (CIDR); ever more participants
● more addresses per user (mobile, smart home)
● blocks that were too large were assigned (USA)

2.13 Which classes of applications now dominate (in terms of volume) the traffic in IP-based networks? For which decisions can or should you use Internet-published statistics as a basis? Which criteria are relevant when selecting most appropriate statistics?

Mobile video!
Parameters to consider in strategic decisions:
● Trends
  ○ Metcalfe's law concerning the customer base
  ○ data volume increase as a function of the user count
● active users vs. passive users
● Economic considerations
  ○ e.g., company X decides to charge monthly rates for their product
  ○ a competing product is available at no cost and is interoperable
  ○ customers might migrate to the competitor's offer
● the mass market is highly sensitive to pricing
  ○ likely the most important factor: $$$
  ○ security and privacy aspects?
Important criteria to consider: use the right statistics
● use reliable sources
● forecasts vs. statistics
● representativity
  ○ geographical region
    ■ developed vs. developing vs. least developed economies
    ■ size of the region
    ■ homogeneity of the population
  ○ sample counts?
  ○ representative user groups?
● affiliation or business relationships of the authors?

2.14 Discuss forecasts for the next years with respect to growth of the data volume and connected device count? Which categories of devices are forecasted to account for a large amount of traffic?

● 3G, LPWA (not sure whether this is what is meant here).
● Mobile devices will be an important factor.
● (Maybe
also Internet of Things / smart grid, where every household appliance gets an IP address and can communicate, e.g. the dishwasher with the washing machine)
● M2M devices

2.15 What are the main characteristics and innovations of IPv6 compared with IPv4 (high-level benefits)?

● more addresses (2^128)
● simplification and improvement of the protocol header; this relieves routers of processing effort
● stateless automatic configuration of IPv6 addresses (SLAAC); stateful procedures such as DHCP therefore become unnecessary in many IPv6 use cases
● Mobile IP, as well as simpler renumbering and multihoming
● IPsec specified as part of the IPv6 standard (originally mandatory for every IPv6 node, since RFC 6434 only recommended); this enables encryption and authenticity checks of IP packets
● support for network techniques such as Quality of Service and multicast

2.16 Which header fields of the IPv4 header have been removed in the IPv6 header and which have been added new? Why?

Removed:
● Header Length: the IPv6 base header has a fixed size (40 bytes), so no variable length field is needed
● Identification, Flags, Fragment Offset: moved into an optional extension header (Fragment header) in IPv6
  ○ only the sending host may fragment packets in IPv6
  ○ Path MTU discovery is required (ICMPv6)
  ○ a router that cannot forward a packet because of the MTU has to report the error to the sender (ICMPv6 Packet Too Big)
● Header Checksum: removed in IPv6; checks are done at the MAC layer and at the transport/application layer (the transport checksum covers an IPv6 pseudo-header)
Added:
● Traffic Class (1 byte): corresponds to the "Type of Service" field in IPv4; primarily for differentiated services (DiffServ, RFC 2474, 2475)
● Flow Label (20 bits): packets belonging to the same flow are treated the same way

2.17 List the main IPv6 address types and describe them briefly.
● Unicast address: identifies a single interface
● Multicast address: identifies a group of interfaces; messages sent to a multicast group are received/processed by all members of the group; the sender does not know to whom it sends
● Anycast address: assigned to several interfaces; a message is delivered to one (the nearest) of these interfaces

2.18 Why is there no broadcast procedure in IPv6 anymore? Which mechanism replaces IPv4 broadcast in IPv6?

Broadcast is replaced by multicast in IPv6: a node only has to process the groups it has joined instead of every broadcast on the link (e.g. all-nodes ff02::1, and the solicited-node multicast groups used by Neighbour Discovery).

2.19 What is ARP and RARP, what are these protocols used for? Which protocol / functionality that replaces ARP and RARP in IPv6?

● ARP (Address Resolution Protocol): network protocol that determines, for a network-layer (Internet-layer) address, the physical (hardware) address of the link layer and, if necessary, stores this mapping in the so-called ARP tables of the hosts involved.
● RARP (Reverse Address Resolution Protocol) enables the mapping of hardware addresses to Internet addresses. It belongs to the network layer.
● In IPv6 both are replaced by Neighbour Discovery (ND, based on ICMPv6).

2.20 How do IETF standards denote the entity that you address by an IPv4 or IPv6 address? What is the physical equivalent (in a computer system)? How many IPv4 addresses and IPv6 addresses are there (approximately)? How many bits are required to store an IPv4 or an IPv6 address?

The address identifies an interface; physical equivalent: the network interface.
I think IPv4 is 4 times 8 bits -> e.g. 192.168.3.2; IPv6 is 8 times 16 bits -> e.g. [df23::23a3]
IPv4: 4 bytes per address (separated by dots) → 32 bits → 2^32 ≈ 4.2 billion
IPv6: 128 bits per address → 2^128 → a lot (written as 16-bit blocks separated by colons)

2.21 What classes of IPv4 have been defined? What problem is there associated with classful addressing, how does work and what is the main advantage of this mechanism?
Give an example for the address in CIDR notation.

● Class A to Class E,
● where Class D is for multicast groups and Class E is experimental
● Class A → 8-bit network ID and 24-bit host ID
● Class B → 16-bit network ID and 16-bit host ID
● Class C → 24-bit network ID and 8-bit host ID
Problem with classful addressing: the only available network sizes (2^24, 2^16 or 2^8 host addresses) rarely match actual need, so oversized blocks were assigned and address space was wasted (see 2.12).
Classless Inter-Domain Routing (CIDR) describes a method for using the existing 32-bit IPv4 address space more efficiently. It was introduced in 1993 to reduce the size of routing tables and to make better use of the available address ranges. With CIDR the fixed assignment of an IPv4 address to a network class, from which the prefix length used to follow, is dropped. The prefix length is freely selectable with CIDR and must therefore be stated when writing down an IP subnet; a netmask is often used for this. CIDR introduced so-called suffixes as a new notation: the suffix gives the number of 1 bits in the netmask. This form, e.g. 172.17.0.0/17, is much shorter and easier to handle than the dotted-decimal notation 172.17.0.0/255.255.128.0, and equally unambiguous. For IPv6 the notation is the same as CIDR in IPv4 and consists of the IPv6 address and the prefix length (e.g. 2001:0DB8:0:CD30::1/60).

2.22 Which notations are used for IPv4 and which for IPv6 addresses? Please give at least one example. Why can't we replace more than one contiguous group of NULLs in an IPv6 address?

IPv4: 32 bits split into 8-bit blocks in decimal, separated by dots → 192.168.0.1
IPv6: 128 bits split into 16-bit blocks in hexadecimal, separated by colons → 2001:0629:2600:0688:0205:5daf:fe37:5113
Replacing zeros with "::" → only one run of zero blocks may be replaced; if several runs were replaced, the address could no longer be expanded unambiguously, because it would not be clear how many zero blocks each "::" stands for.

2.23 How is an IPv6 address embedded in a URL? Why?

● http://[2001:0629:2600::5113]/ ← in square brackets!
● Reason: URLs use colons as separators.
A parser might, in some circumstances, not be able to distinguish the port number from the last 16-bit group of the IP address.
● http://[2001:0629:2600::5113]:8080/

2.24 Explain briefly "private networks" in the context of IPv4 addressing. What are the advantages and disadvantages of this form of addressing? By which concept private IPv4 networks have been replaced in IPv6?

In IPv4 there are address ranges (e.g. 192.168.x.x) which can be used privately as desired. This is especially important for private networks, and also because in IPv4 there are not enough addresses for every user to have their own. (Disadvantage:) if a host in a private network wants to reach the public network, its address has to be translated into a public one. This is done with NAT (network address translation) or proxies.
The IPv6 counterpart is called Unique Local Addresses (ULA, fc00::/7; in practice fd00::/8). Because of the larger address space, 40 bits of the network address are used as a randomly chosen identifier (Global ID). This makes a private network's prefix unique with high probability, so that address conflicts are reduced when private networks are merged. The Global ID is generated pseudo-randomly by the site operator (RFC 4193), not by individual clients; what a client generates itself is its interface ID: the link-local address (fe80::/64) is derived from the MAC address, checked for uniqueness on the link (Duplicate Address Detection) and then used with SLAAC to obtain a global prefix from the router, which is put in front of the same interface ID (see 2.28).

2.25 Describe the functionality and structure of a "Global Unicast Address" in IPv6

Fragmentation of the IPv6 address space is to be avoided. Structure (RFC 4291): global routing prefix (currently allocated from 2000::/3) | subnet ID | 64-bit interface ID; the hierarchical allocation of prefixes keeps routes aggregatable in the routing tables.

2.26 Describe the purpose and functionality of the extension headers in IPv6. Give examples of standard IPv6 extension headers or of optional extension headers, and briefly describe their use.

The "Next Header" field of the IPv6 header gives the type of the next extension
header, and each extension header in turn carries a Next Header field for the one after it. All extension headers are optional and should appear at most once each (Destination Options may appear twice). Standard extension headers MUST be supported to be IPv6 compliant. Since a packet filter or IDS has to walk the whole chain to find the transport header, long or unusual chains are a known evasion technique, and parsers should bound the chain length.
● Routing header: sequence of routers the packet has to visit.
● Encapsulating Security Payload header: encryption information regarding the security payload, see RFC 4303
● optional extension header: e.g. the Mobility extension header for Mobile IPv6

2.27 What features of IPv6 packets allow for more efficient forwarding in routers? Compare the structure of IPv4 - IPv6 headers with respect to forwarding.

The IPv4 TTL changes at every router, so the header checksum has to be updated at every hop as well. The IPv6 header does not have a checksum! The length of the IPv6 header is constant (40 bytes), which allows more efficient processing in the router.
In my opinion:
● Flow Label field (20 bits): packets belonging to one flow are treated the same way

2.28 What does SLAAC stand for? Describe the essential steps of SLAAC in IPv6.

StateLess Address AutoConfiguration - IPv6 autoconfiguration:
● S1: the node computes a 64-bit EUI-64 interface ID (from its MAC address) and builds its link-local address from it
● S2: the node uses the Neighbour Discovery Protocol (ICMPv6 Router Solicitation / Router Advertisement) to find routers and learn the global prefix
● S3: Duplicate Address Detection (DAD): make sure the chosen address does not already exist on the link (DAD is run for every tentative address: the link-local one before it is used, and each global one formed from a received prefix)

2.29 What risks are associated with IPv6 address auto-configuration and which countermeasures (alternative solutions) do you know?

Mapping globally routable unicast addresses onto MAC addresses:
- e-mails are sent from a specific computer or user: a worldwide identifiable IP address (the interface ID stays the same in every network)
- creating a roaming/movement profile for users: which prefixes does a particular MAC address use, and when?
- alternatives: DHCPv6 or statically configured IPv6 addresses, privacy extensions (temporary random interface IDs, RFC 4941), cryptographically generated addresses (CGA, RFC 3972).

2.30 How does an IPv4/IPv6 stack decide on an incoming packet, to which one of the overlying transport protocol stacks the data is to be passed on?
IPv4: the Protocol field of the header. IPv6: the Next Header field; the Next Header field of the last extension header in the chain indicates the top-layer protocol (e.g. 6 = TCP, 17 = UDP, 132 = SCTP).

2.31 Briefly describe the need for and the principle of fragmentation and reassembly in IPv4 networks. Compare the fragmentation process of IPv4 and IPv6. Which are the most important modifications in IPv6 fragmentation?
IPv4 fragmentation: splitting a datagram into several smaller datagrams if its total length exceeds the Maximum Transmission Unit (MTU) of the network interface. As soon as the IP stack (cf. the OSI model or the TCP/IP reference model) has a datagram to send, it checks whether the packet size requires splitting according to the MTU of the outgoing interface; in IPv4 any router on the path may do the same for the MTU of its next hop. If necessary, the datagram is split into several datagrams. Each fragment carries a copy of the original IP header; the Identification field is the same in all fragments, the More Fragments (MF) flag is set in all fragments except the last, and the Fragment Offset field gives the fragment's position in the original payload (in units of 8 bytes). The receiver has the task of reassembling the original from the information in the packet headers: it collects all fragments with the same IP header (apart from the per-fragment information), puts them into the correct order by their offsets, and delivers the datagram once all pieces have arrived. Reassembly needs buffer state at the receiver, so incomplete fragment sets are a classic resource-exhaustion vector.
IPv6: routers are no longer allowed to fragment packets. If fragmentation is needed, the sender is always informed by an ICMPv6 message of type 2 (Packet Too Big). The sender can then reduce its packet sizes either by letting the communicating application generate smaller, unfragmented packets, or by fragmenting at the source. In the latter case the sender inserts a Fragment extension header (Next Header value 44) after the IPv6 header; it carries the fragmentation parameters (identification, offset, M flag), because the IPv6 base header no longer has fields for them. Senders use path MTU discovery algorithms to determine the MTU of the path; the IPv6 minimum link MTU is 1280 bytes. Receivers must discard overlapping fragments (RFC 5722).
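An added Python example (not part of the questionnaire or the lecture) that walks the Next Header chain described in 2.26, 2.30 and 2.31: it returns the upper-layer protocol number, the offset at which that header starts, and the fragment parameters if a Fragment header is present. Header layouts follow RFC 8200; the sample packets are constructed inline. The hop limit on the chain and the length checks are this example's own hardening against malformed packets, not something the lecture prescribes.

```python
"""Walk an IPv6 extension-header chain to find the upper-layer protocol.

Layouts assumed (RFC 8200):
- base header: 40 bytes, Payload Length at bytes 4-5, Next Header at byte 6
- Hop-by-Hop (0), Routing (43), Destination Options (60): byte 0 = Next Header,
  byte 1 = Hdr Ext Len in 8-octet units not counting the first 8 octets
- Fragment (44): 8 bytes; Next Header, reserved, 13-bit offset (8-octet units)
  plus 2 reserved bits plus M flag, 32-bit Identification
- Authentication Header (51): byte 1 = length in 4-octet units minus 2
- ESP (50), No Next Header (59) and upper-layer protocols end the walk
"""
import struct

HOP_BY_HOP, ROUTING, FRAGMENT, ESP, AH, DEST_OPTS = 0, 43, 44, 50, 51, 60
NO_NEXT_HEADER = 59
EXT_HEADERS = {HOP_BY_HOP, ROUTING, FRAGMENT, AH, DEST_OPTS}
MAX_EXT_HEADERS = 8   # assumption: bound the walk; a sender can chain bogus headers


def walk_ipv6(packet: bytes):
    """Return (upper_layer_proto, payload_offset, fragment_info, chain).

    fragment_info is None or (offset_in_bytes, more_fragments, identification);
    chain lists the extension-header types seen. Raises ValueError when the
    chain is truncated, runs past the packet, or is implausibly long.
    """
    if len(packet) < 40 or packet[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    payload_len = struct.unpack("!H", packet[4:6])[0]
    if 40 + payload_len > len(packet):
        raise ValueError("payload length exceeds captured bytes")
    next_hdr, off, chain, frag = packet[6], 40, [], None
    while next_hdr in EXT_HEADERS:
        if len(chain) >= MAX_EXT_HEADERS:
            raise ValueError("too many extension headers")
        if next_hdr == FRAGMENT:
            if off + 8 > len(packet):
                raise ValueError("truncated fragment header")
            nh, _res, off_flags, ident = struct.unpack("!BBHI", packet[off:off + 8])
            frag = ((off_flags >> 3) * 8, bool(off_flags & 1), ident)
            hdr_len = 8
        else:
            if off + 2 > len(packet):
                raise ValueError("truncated extension header")
            nh, ext_len = packet[off], packet[off + 1]
            hdr_len = (ext_len + 2) * 4 if next_hdr == AH else (ext_len + 1) * 8
        if off + hdr_len > len(packet):
            raise ValueError("extension header runs past packet end")
        chain.append(next_hdr)
        off += hdr_len
        next_hdr = nh
    # For a non-first fragment the returned protocol is only what the Fragment
    # header claims; the upper-layer header itself is in the first fragment.
    return next_hdr, off, frag, chain


def rejects(packet: bytes) -> bool:
    """True if walk_ipv6 refuses the packet (shows the hardening)."""
    try:
        walk_ipv6(packet)
        return False
    except ValueError:
        return True


def build_sample() -> bytes:
    """Constructed packet: IPv6 | Destination Options (PadN) | Fragment (first, M=1) | UDP."""
    src, dst = bytes(15) + b"\x01", bytes(15) + b"\x02"
    dest_opts = bytes([FRAGMENT, 0]) + b"\x01\x04\x00\x00\x00\x00"   # NH=44, 8 bytes, PadN option
    frag_hdr = struct.pack("!BBHI", 17, 0, (0 << 3) | 1, 0xDEADBEEF)  # NH=17 (UDP), offset 0, M=1
    udp = struct.pack("!HHHH", 5353, 5353, 8, 0)
    payload = dest_opts + frag_hdr + udp
    return struct.pack("!IHBB", 0x60000000, len(payload), DEST_OPTS, 64) + src + dst + payload


def build_long_chain(n: int) -> bytes:
    """Constructed packet with n chained Destination Options headers, then No Next Header."""
    hdrs = b"".join(bytes([DEST_OPTS if i < n - 1 else NO_NEXT_HEADER, 0]) + bytes(6)
                    for i in range(n))
    return struct.pack("!IHBB", 0x60000000, len(hdrs), DEST_OPTS, 64) + bytes(32) + hdrs
```

For the constructed sample the walk ends at protocol 17 (UDP) at offset 56, reporting a first fragment (offset 0, M set) with identification 0xDEADBEEF and the chain [60, 44]; a packet truncated to 50 bytes and a chain of nine Destination Options headers are both rejected.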
3 Part 3: Transport Layer
3.1 What is the role of the OSI transport layer? Why is it necessary for communication? Which 5-tuple describes uniquely a connection in the Internet protocol stack?
End-to-end communication between processes (flow control, segmentation/reassembly, error control, ordering). The network layer only delivers packets between hosts; the transport layer multiplexes them to the applications (ports).
5-tuple: <sender IP, sender port, receiver IP, receiver port, protocol>

3.2 Briefly describe the main characteristics, advantages, disadvantages and applications of UDP in relation to multimedia communications (signaling and media transmission). Which are the typical uses of UDP in practice?
● connectionless
● message-oriented: each datagram is delivered as a unit (no byte stream as in TCP)
● low reliability
○ no retransmission!!!
○ no ordering / sequence control
Advantages:
● fast, no connection setup needed before transmission
● low variation of the transmission delay (jitter), because lost packets are not requested again → with UDP only a loss of quality
Disadvantages:
● low reliability, see above
● no congestion control: UDP flows can starve TCP connections (starvation)
Used for:
● VoIP
● video streaming
● everywhere the overhead of a TCP connection establishment is not acceptable
● low delay requirements

3.3 Briefly describe the main characteristics, advantages, disadvantages and applications of TCP in terms of multimedia communications (signaling and media transmission). Which are the typical applications of TCP in practice?
● reliable transmission
○ connection oriented
○ correct ordering of the data
○ data integrity: checksum-based rejection of corrupted segments
○ sequence numbers: ordering (and detection of loss and duplicates)
● bidirectional, connection-oriented
○ full duplex
○ explicit connection establishment
● flow control: the receiver controls the data flow (advertised window)
● congestion avoidance: congestion control.
The sender detects impairment of the network (loss) and reacts → network-friendly behaviour
Advantages:
● reliable transmission
Disadvantages:
● slower than UDP, connection setup required before transmission
● large jitter, because lost packets are retransmitted and the data behind them waits
Used for:
● signaling, control information (e.g. SIP over TCP); in general also for bulk data (HTTP, e-mail, file transfer, see Part 4).

3.4 Describe the establishment of a TCP connection. Which information is exchanged during a TCP connection establishment between sender and receiver? Why is this effort required? What is a socket in terms of communication networks?
The client that wants to open a connection sends the server a SYN packet (synchronize) with a random initial sequence number x; the SYN bit in the TCP header is set.
The server (see sketch) receives the packet. If the port is closed, it answers with a TCP RST to signal that no connection can be established. If the port is open, it answers with a SYN/ACK packet: the ACK flag in the TCP header is set, and the acknowledgement number x+1 confirms the client's SYN. In addition the server sends its own initial sequence number y, which is likewise random and independent of the client's initial sequence number.
Finally the client confirms receipt of the SYN/ACK by sending an ACK packet of its own with sequence number x+1 and acknowledgement number y+1 (the server's sequence number + 1). This is also called "forward acknowledgement". Returning y+1 proves that the client actually received the server's SYN/ACK, which is why the initial sequence numbers must be unpredictable: a blind (off-path) attacker who cannot see y cannot complete the handshake. The connection is now established (handshake successful).
Why the effort: both sides have to agree on their initial sequence numbers (and on options such as the MSS) before data can be delivered reliably and in order.
Socket (Wiki): A socket (English for "outlet", "plug connection") is an area reserved in a computer's main memory that serves as a communication endpoint, through which a program can connect to a network or exchange data with other computers. Sockets are also used to send data between processes on the same computer (inter-process communication).
Communication over sockets is usually bidirectional, i.e. data can be both received and sent through the socket. On the Internet a socket is identified by IP address and port number; the pair of sockets (the 5-tuple of 3.1) identifies a connection.

3.5 What is the main cause for the "sawtooth" behaviour in TCP transfer curves? Explain briefly the concepts of Slow Start, Congestion Avoidance, Fast Retransmit, Fast Recovery.
Source: https://en.wikipedia.org/wiki/Additive_increase/multiplicative_decrease
Sawtooth: the approach taken is to increase the transmission rate (window size), probing for usable bandwidth, until loss occurs. The policy of additive increase may, for instance, increase the congestion window by a fixed amount every round trip time. When congestion is detected, the transmitter decreases the transmission rate by a multiplicative factor; for example, it cuts the congestion window in half after a loss. The result is a saw-tooth behaviour that represents the probe for bandwidth (AIMD).
● Slow Start:
○ target: minimize the impairment of the overall network
○ start with a minimum traffic load (a congestion window of one or a few segments)
○ exponential increase (doubling per RTT) until a loss occurs or the slow-start threshold (ssthresh) is reached
● Congestion Avoidance:
○ above ssthresh: additive increase (about one segment per RTT) to avoid network congestion
● Fast Retransmit:
○ triple duplicate ACKs are taken as a loss signal and the missing segment is retransmitted immediately (without fast retransmit, the sender would wait for a timeout)
● Fast Recovery:
○ no congestion window reset to one segment: after a fast retransmit the window is halved and congestion avoidance continues
○ a single packet loss is handled differently from a timeout (a timeout still resets the window and restarts slow start)

3.6 Which transport protocol is typically used for real-time data transmission? Why? Give the (one) main reason why TCP is not suitable for the transmission of real-time data. Sketch a specific scenario that illustrates the problem case.
UDP, because the larger jitter of TCP makes it unsuitable for real-time data: the retransmission delay is not acceptable.
Scenario: a packet is dropped and retransmitted. The packets behind it have already arrived but have to wait in the receive buffer (head-of-line blocking), because TCP delivers in order. The originally dropped packet arrives after its designated playback time, so the whole stretch is useless to the player.

3.7 List and explain the design goals of SCTP. Which significant benefits does SCTP offer over TCP?
SCTP = Stream Control Transmission Protocol
Design goals:
● connection-oriented transport protocol (originally designed for carrying telephony signaling over IP)
● usable with IPv4 and IPv6
● efficient transport of small messages (chunk bundling: several chunks in one packet)
● TCP fairness (congestion control)
● multi-homing
Advantages over TCP:
● preserved message boundaries
● multi-streaming
● security (4-way handshake, use of a cookie to validate the initiator)
● mobility
● partial reliability (not all messages have to be retransmitted)

3.8 SCTP message concepts: How is a SCTP connection called? How are SCTP data flows called? How is a SCTP packet structured (headers, chunks, including properties, examples)? What is the reason for this structure? What is the verification tag good for?
SCTP = Stream Control Transmission Protocol
Connection: SCTP association
Data flow: stream
Packet structure:
● SCTP common header
○ fixed length (12 bytes)
○ port numbers (source and destination)
○ verification tag
○ checksum (CRC32c over the whole packet)
● SCTP chunks (each with type, flags and length)
○ INIT, INIT-ACK, COOKIE-ECHO, COOKIE-ACK (association setup)
○ DATA (user data with TSN, stream ID and stream sequence number)
○ SHUTDOWN, SHUTDOWN-ACK, SHUTDOWN-COMPLETE
Reason for the structure: small data chunks are aggregated into a single packet (efficiency), chunk bundling; control and data chunks can share one packet.
Verification tag: a 32-bit random number, chosen by each endpoint during association setup; mandatory in all packets; protection against blind attacks, since an attacker would have to guess the verification tag (compare the role of the sequence numbers in TCP).

3.9 TCP and SCTP security: draw the sequence diagrams for TCP and for SCTP connection establishment; name the messages that client and server exchange. Explain in detail which characteristics of TCP's connection establishment make servers vulnerable to DoS attacks, how this attack works, which mechanisms SCTP uses to overcome this limitation, and how SCTP's DoS protection works.
SYN flooding: the TCP server has to store connection information (a half-open connection) already after the first SYN. A group of senders (or even a single one, with spoofed source addresses) can send a lot of very small TCP SYN packets, and the server has to store state for all of them, so it runs out of memory (or of backlog entries) and rejects legitimate clients. The asymmetry is the problem: the attacker spends one packet, the server allocates state.
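The asymmetry just described, next to the cookie mechanism that SCTP uses against it (3.9 and 3.10), as an added runnable example in Python. This is not code from the lecture or from any SCTP stack: RFC 4960 only requires that the State Cookie carry the association parameters, a creation time and a MAC under a secret known to the server alone; the cookie layout, HMAC-SHA256 as the MAC and the 60-second lifespan are this example's own assumptions, and the addresses and the flood are constructed.

```python
"""Stateless handshake cookie in the style of SCTP's INIT / INIT-ACK /
COOKIE-ECHO / COOKIE-ACK exchange, beside a TCP-style server that allocates
state on the first packet it sees."""
import hashlib
import hmac
import os
import socket
import struct
import time

COOKIE_LIFESPAN = 60                   # seconds (assumption of this example)
BODY_FMT = "!4sHIIIIH"                 # addr, port, peer vtag, my vtag, peer ITSN, created, streams
BODY_LEN = struct.calcsize(BODY_FMT)   # 24 bytes
MAC_LEN = hashlib.sha256().digest_size


class TcpStyleServer:
    """TCP: a half-open connection entry is created on every SYN."""
    def __init__(self):
        self.half_open = {}

    def on_syn(self, addr, port, isn):
        self.half_open[(addr, port)] = {"peer_isn": isn}


class SctpStyleServer:
    """SCTP: nothing is stored between INIT and a valid COOKI E-ECHO."""
    def __init__(self, secret=None, now=time.time):
        self.secret = secret or os.urandom(32)
        self.now = now
        self.associations = {}

    def _mac(self, body):
        return hmac.new(self.secret, body, hashlib.sha256).digest()

    def on_init(self, addr, port, peer_vtag, peer_itsn, n_streams):
        """INIT -> INIT-ACK. Returns (state cookie, my verification tag); stores nothing."""
        my_vtag = struct.unpack("!I", os.urandom(4))[0] or 1        # tag 0 is reserved
        body = struct.pack(BODY_FMT, socket.inet_aton(addr), port, peer_vtag,
                           my_vtag, peer_itsn, int(self.now()), n_streams)
        return body + self._mac(body), my_vtag

    def on_cookie_echo(self, addr, port, cookie):
        """COOKIE-ECHO -> COOKIE-ACK (True) or silent drop (False)."""
        if len(cookie) != BODY_LEN + MAC_LEN:
            return False
        body, mac = cookie[:BODY_LEN], cookie[BODY_LEN:]
        if not hmac.compare_digest(mac, self._mac(body)):
            return False                         # forged or corrupted cookie
        c_addr, c_port, peer_vtag, my_vtag, peer_itsn, created, streams = \
            struct.unpack(BODY_FMT, body)
        if (c_addr, c_port) != (socket.inet_aton(addr), port):
            return False                         # cookie issued to another source
        if self.now() - created > COOKIE_LIFESPAN:
            return False                         # stale cookie
        # Only now is association state allocated, rebuilt entirely from the cookie.
        self.associations[(addr, port)] = {"peer_vtag": peer_vtag, "my_vtag": my_vtag,
                                           "peer_tsn": peer_itsn, "streams": streams}
        return True


def flood(tcp_server, sctp_server, n):
    """n SYN / INIT packets from spoofed sources that never finish the handshake.
    Returns how many state entries each server holds afterwards."""
    for i in range(n):
        addr = "10.%d.%d.%d" % ((i >> 16) & 255, (i >> 8) & 255, i & 255)   # constructed
        tcp_server.on_syn(addr, 1234, i)
        sctp_server.on_init(addr, 1234, i + 1, i, 1)
    return len(tcp_server.half_open), len(sctp_server.associations)


def demo():
    """A flood, then one honest client, then misuse of that client's cookie."""
    clock = [1000.0]
    tcp = TcpStyleServer()
    sctp = SctpStyleServer(secret=b"k" * 32, now=lambda: clock[0])
    after_flood = flood(tcp, sctp, 1000)
    cookie, my_vtag = sctp.on_init("192.0.2.10", 40000, 0x11111111, 7, 4)
    forged = cookie[:-1] + bytes([cookie[-1] ^ 1])
    results = {
        "after_flood": after_flood,
        "wrong_source": sctp.on_cookie_echo("192.0.2.11", 40000, cookie),
        "forged_mac": sctp.on_cookie_echo("192.0.2.10", 40000, forged),
        "honest": sctp.on_cookie_echo("192.0.2.10", 40000, cookie),
        "vtag_restored": sctp.associations[("192.0.2.10", 40000)]["my_vtag"] == my_vtag,
    }
    clock[0] += COOKIE_LIFESPAN + 1
    results["stale"] = sctp.on_cookie_echo("192.0.2.10", 40000, cookie)
    return results
```

After 1000 spoofed first packets the TCP-style server holds 1000 half-open entries while the SCTP-style server holds none; a cookie echoed from another address, a cookie with one flipped bit, and a cookie echoed after its lifespan are all dropped, and only the honest echo creates an association whose verification tag is the one chosen at INIT-ACK time.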
SCTP requires a 4-way handshake (INIT, INIT-ACK, COOKIE-ECHO, COOKIE-ACK). The client's information is stored by the server only after the COOKIE-ECHO message: the INIT-ACK carries a State Cookie that contains the parameters of the future association plus a MAC under a secret known only to the server, and the server forgets everything until the client echoes that cookie back. A DoS attack would take much more effort and requires the client to actually receive the INIT-ACK (no spoofed sources) and to invest some computation of its own.

3.10 Explain the SCTP association establishment: message sequence, state storage, negotiated parameters
● "Association" is the name for an established SCTP connection.
● SCTP uses a 4-way handshake (cookie)
○ security improvement (TCP: 3-way handshake)
○ no state stored in the server after INIT / INIT-ACK
○ SYN-flooding protection
● Partial ordering
○ data is ordered at the stream level.
● Parameters negotiated during SCTP association establishment:
○ verification tags required by the endpoints
○ addresses used by each endpoint
○ number of streams (in each direction)
○ supported SCTP extensions
● Verify negotiated IP paths
○ HEARTBEAT, HEARTBEAT-ACK
○ verify the reachability of all negotiated IP addresses when no data is being sent

3.11 Explain SCTP Multi-Homing. Which features are available in the base configuration, which extensions to multi-homing have been proposed? Explain (benefits, drawbacks).
If a client is reachable via several addresses that are routed over different paths (different ISPs, redundancy), this client is called multi-homed.
● all addresses can be announced during setup (INIT / INIT-ACK)
● base SCTP uses these addresses only for redundancy
○ primary path (pair of IP addresses); the other paths are used only for retransmissions and after a failover
○ unidirectional: the primary path may differ for the two directions
● extensions:
○ Concurrent Multipath Transfer (CMT): sending on several paths at the same time (benefit: throughput; drawback: reordering and congestion control across paths)
○ dynamic address reconfiguration (an extension, RFC 5061, not part of the base configuration; see 3.12)

3.12 Explain SCTP Multi-Streaming, its benefits and drawbacks (including restrictions within/across streams). Which extensions improve streaming (benefits, drawbacks)?
Unidirectional SCTP channel: SCTP stream
- in-sequence delivery within the same stream (partial ordering)
- Drawback: NO guarantee of sequence across streams!
- Benefits:
- packet losses/retransmissions in one stream do NOT delay other streams: no head-of-line blocking across streams.
- small DATA chunks can be bundled into one single packet (efficiency)
Extensions for streaming improvements:
- Partial Reliability extension (PR-SCTP): the SCTP sender decides that a message is no longer retransmitted (e.g. because its lifetime has expired) and tells the receiver to skip it
- Dynamic Address Reconfiguration:
- add or delete IP addresses during the association
- notify the peer that a specific address is the primary path
- important: security aspects (an unauthenticated address addition would let an attacker redirect the association, so it has to be used together with SCTP authentication)
- used for mobility features
- SCTP Authentication: protects a series of chunks by a keyed hash

3.13 Explain SCTP Security and Flow Control (benefits, drawbacks, including special security requirements of SCTP extensions).
SCTP congestion and flow control
- SCTP adopts the mechanisms from TCP (slow start, congestion avoidance, fast retransmit/recovery, receiver window)
- the message-oriented structure of SCTP requires adaptations: RFC 4960 (acknowledgement by TSN with SACK chunks, congestion control per destination address for multi-homing)
SCTP security:
- limitations of TLS over SCTP: RFC 3436
- one TLS connection per bidirectional pair of streams
- no support for unordered transfer or PR-SCTP
- limitations of IPsec
- modifications needed for multi-homing support (RFC 3554)
- SCTP-aware DTLS (RFC 6083)
- DTLS: Datagram Transport Layer Security
- must be used together with SCTP-AUTH (RFC 4895) to protect the control chunks, since DTLS protects only the user data

3.14 Which main features does DCCP provide over UDP? List and explain the DCCP design goals and design no-goals.
DCCP = Datagram Congestion Control Protocol
Design goals:
● minimalism
● robustness
● modern congestion control
● self-sufficiency (what is meant: the protocol does not need an additional application-level mechanism in order to work; acknowledgements and congestion control are built in)
● support for timely (time-critical) data exchange
● can provide congestion control for an unreliable connection
Non-goals:
● no flow control
● no reliability: no retransmission, could be implemented by the application
● no selective reliability → difficult to differentiate between packets of higher and of lower value
● no streams abstraction → supported by SCTP
● no multicast support → none of the advanced DCCP features fit multicast

3.14 Sketch and explain the high-level DCCP message structure concepts.
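An added Python example, not the lecture's answer and not code from any DCCP implementation, that parses and builds the generic DCCP header of RFC 4340: port numbers, data offset, CCVal/CsCov, checksum, packet type, and the X bit that selects 24- or 48-bit sequence numbers (the point of the next question, 3.15). The sample packets are constructed in the code; the checksum is left at zero because computing it is not what the example is about.

```python
"""Generic DCCP header (RFC 4340, section 5.1), big-endian:
  bytes 0-1  source port           bytes 2-3  destination port
  byte  4    data offset in 32-bit words (generic header plus options)
  byte  5    CCVal (4 bits) | CsCov (4 bits)
  bytes 6-7  checksum
  byte  8    reserved (3 bits) | type (4 bits) | X (1 bit)
  X = 1: byte 9 reserved, bytes 10-15 = 48-bit sequence number (16-byte header)
  X = 0: bytes 9-11 = 24-bit sequence number (12-byte header)
"""
import struct

DCCP_TYPES = {0: "Request", 1: "Response", 2: "Data", 3: "Ack", 4: "DataAck",
              5: "CloseReq", 6: "Close", 7: "Reset", 8: "Sync", 9: "SyncAck"}
SHORT_SEQ_ALLOWED = {2, 3, 4}   # only Data, Ack, DataAck may use 24-bit sequence numbers


def seq_space(x_bit):
    """Size of the sequence-number space: what a blind attacker has to guess."""
    return 1 << (48 if x_bit else 24)


def build_dccp_header(sport, dport, ptype, seq, extended=True, ccval=0, cscov=0):
    """Build a generic header without options (checksum left as 0)."""
    if not extended and ptype not in SHORT_SEQ_ALLOWED:
        raise ValueError("this packet type requires 48-bit sequence numbers")
    if seq >= seq_space(extended):
        raise ValueError("sequence number does not fit the selected width")
    head = struct.pack("!HHBBHB", sport, dport, 0, (ccval << 4) | cscov, 0,
                       (ptype << 1) | (1 if extended else 0))
    hdr = head + (b"\x00" + seq.to_bytes(6, "big") if extended else seq.to_bytes(3, "big"))
    return hdr[:4] + bytes([len(hdr) // 4]) + hdr[5:]     # patch in the data offset


def parse_dccp_header(pkt):
    """Return the header fields; raise ValueError on inconsistent packets."""
    if len(pkt) < 12:
        raise ValueError("packet shorter than the minimal DCCP header")
    sport, dport, doff, cc, csum, rtx = struct.unpack("!HHBBHB", pkt[:9])
    x, ptype = rtx & 1, (rtx >> 1) & 0xF
    if x:
        if len(pkt) < 16:
            raise ValueError("truncated 48-bit sequence number")
        seq, hdr_len = int.from_bytes(pkt[10:16], "big"), 16
    else:
        if ptype not in SHORT_SEQ_ALLOWED:
            raise ValueError("short sequence number on a type that forbids it")
        seq, hdr_len = int.from_bytes(pkt[9:12], "big"), 12
    if doff * 4 < hdr_len or doff * 4 > len(pkt):
        raise ValueError("data offset inconsistent with the header")
    return {"sport": sport, "dport": dport, "type": DCCP_TYPES.get(ptype, ptype),
            "x": x, "seq": seq, "ccval": cc >> 4, "cscov": cc & 0xF,
            "checksum": csum, "options": pkt[hdr_len:doff * 4]}


def is_valid(pkt):
    """True if the packet parses; used to show the consistency checks."""
    try:
        parse_dccp_header(pkt)
        return True
    except ValueError:
        return False
```

A DCCP-Request always carries the extended 48-bit sequence number, while a Data packet may use the 24-bit form; the ratio of the two sequence spaces, 2^24, is the factor by which guessing an in-window sequence number becomes harder with X set.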
3.15 Detail on DCCP messaging principles (synchronization, acknowledgement). Explain reasons and operation of 24- and 48-bit sequence number support in DCCP.
Sequence numbers:
● DCCP numbers packets, not bytes
● DCCP acknowledges the last received packet
● the sequence number is incremented for every packet (whether control or data packet)
● flexible: 48- or 24-bit sequence numbers → trade-off between security and overhead → the larger the sequence number space, the more secure/robust the connection is against attacks (guessing of sequence numbers by blind attackers); a 24-bit space also wraps around quickly on fast links
Explicit synchronization:
- the receiver asks the sender to confirm an unexpected sequence number (one outside the expected window)
- Sync / SyncAck packets
Acknowledgements:
- options indicate which packets have been received (Ack Vector)
- acknowledgement of acknowledgements → the sender can delete its acknowledgement state
- confirm that the packet header and options have been processed correctly

3.16 Detail on DCCP features and feature negotiation (including mobility, multihoming, congestion control)
Features:
- DCCP endpoints have:
- capabilities (implemented mechanisms)
- application requirements (preferred mechanisms)
- DCCP endpoints must agree on parameters (most important among them: the congestion control methods)
- a feature is a per-endpoint property on which both endpoints must agree
Feature negotiation:
- short sequence numbers
- congestion control algorithm for each half-connection
Mobility & multihoming
● the transport layer can support mobility and multihoming
● DCCP includes dedicated functionality
● DCCP session concept
○ a session contains one or more DCCP component connections
○ when initiating a new DCCP connection: add an option to attach it to an existing session
○ each connection has its own congestion control state
● socket layer API: one single socket for the session
○ shared by all components in this session
● security concerns: forgery and replay
○ the DCCP options that manage sessions are protected by nonces and digital signatures
Congestion control
● applications select the congestion control algorithm (agreement algorithm)
● Congestion Control IDs (CCID)
○ name standardized congestion control algorithms
○ a CCID describes how the HC-sender limits packet rates and how the HC-receiver delivers feedback
○ CCID2: TCP-like congestion control
■ halve the sending rate in response to congestion
■ uses the Ack Vector option
■ reverse-path congestion: Ack Ratio feature
○ CCID3:
■ TFRC congestion control: TCP Friendly Rate Control (RFC 3448)
■ receiver feedback to the sender on the observed loss rate
■ no feedback: halve the sending rate

3.17 List and discuss the four MPTCP Design Objectives and typical use cases for MPTCP. In which use cases does MPTCP work well and in which cases does it have performance problems?
Multi-homing → improved performance (several paths used at once) and resilience; middlebox-friendly: middleboxes only see ordinary TCP connections, because MPTCP uses regular TCP connections (subflows) underneath, so it passes NATs and firewalls. A separate data sequence number space on top of the TCP connections enables reordering across the connections; the TCP connections underneath keep their own sequence numbers to minimize problems with middleboxes. MPTCP works well when the paths have comparable characteristics (e.g. Wi-Fi plus cellular on a smartphone, multi-homed data-centre hosts); it has performance problems with highly asymmetric paths (see 3.18) and with middleboxes that strip or rewrite TCP options.

3.18 Explain the main benefits and drawbacks of MPTCP over TCP and SCTP.
Advantages:
- several paths usable at the same time
- increased throughput and redundancy
- SCTP: the base protocol does not support sharing, redundancy only in the failure case
Drawbacks:
- multiple TCP connections have to be established: setup overhead
- separate data sequence numbers for MPTCP (header overhead)
- uses the TCP option field, which might be removed on the path
- if a connection is highly asymmetric (one link fast, one slow), the performance of MPTCP can be worse than plain TCP: a slow link can block out the faster links, because segments sent over the slow path hold up in-order delivery of the aggregated stream.

3.19 Middleboxes: discuss how middleboxes on the path can impact on SCTP communications and detail on the solutions adopted by MPTCP to overcome these limitations. Which problems can MPTCP-capable endpoints encounter when middleboxes are on their communication path?
Many NATs and firewalls let only TCP and UDP through, so SCTP packets (protocol number 132) are dropped or cannot be translated. MPTCP avoids this by sending nothing but ordinary TCP segments: each subflow is a normal TCP connection, and the MPTCP signaling is carried in TCP options. Problems MPTCP-capable endpoints can still encounter: middleboxes that remove unknown TCP options (MPTCP then falls back to regular TCP), that rewrite sequence numbers, or that terminate TCP (proxies), and NATs that hide the additional addresses.

3.20 Draw a sequence diagram for MPTCP connection establishment (at least 2 flows). How do the endpoints discover MPTCP capabilities of the communicating party?
How do they discover alternative interfaces and routes?
Slide 123. (MPTCP capability is announced with the MP_CAPABLE option in the SYN / SYN-ACK / ACK of the first subflow; additional addresses are taken from the local interfaces or announced by the peer with the ADD_ADDR option.)

3.21 MPTCP security and subflows: Is MPTCP subflow handling safe against blind attacks and against man-in-the-middle attacks? Detail! Discuss how an additional subflow is added to an existing MPTCP connection (sequence diagram), and which mechanisms MPTCP uses to prevent hijacking of subflows by attackers.
Keys for subflow authentication: each endpoint sends a key in the MP_CAPABLE handshake; a new subflow (MP_JOIN) carries the peer's token (derived from that key) and HMACs over fresh nonces, so a blind attacker who has not seen the initial handshake cannot add a subflow to the connection. Against a man-in-the-middle on the initial handshake the keys are exchanged in the clear, so MPTCP offers no protection there.

3.22 MPTCP data handling: Explain how MPTCP handles sequence numbering and window sizes for subflows and for the aggregated data.
A separate data sequence number space covers all subflows; the individual subflows use their own standard TCP sequence numbering. All subflows advertise the same window, which is used for the aggregated flow.

4 Part 4: Application Layer
4.1 Describe the two main paradigms of application-layer architectures discussed in the lecture (focus: network topology), name their components, discuss requirements, benefits and challenges from customer and provider perspective.
Client-server:
● Server
○ offers the service
○ always available
○ can handle many clients
○ single point of failure (and a natural target for DoS)
● Client
○ uses a service offered by a server
○ does not connect to other clients
Peer-to-peer
● Benefits
○ clients connect to each other
○ scalability
○ resilience against failure
● Challenges
○ asymmetric access (NAT, asymmetric bandwidth) and IP address changes
○ security (no trusted party; every peer is both client and server)
○ business cases

4.2 Define the concept of vertical and horizontal service architectures. Discuss their benefits and drawbacks.
Considerations horizontal vs. vertical:
● custom implementation vs. middleware
● time-to-market, application complexity
● trade-off: flexibility vs. optimization
● Vertical: e.g. circuit-switched applications, PSTN. Topics: complex applications, security, roaming
● Horizontal: e.g. IP, data networks, middleware. Generic architecture (same general functions, same routing functions), with application-specific functions on top of generic packet switching
Benefits? Drawbacks?
4.3 Name and discuss the four criteria which can be used for transport service classification and selection.
● Reliability: reliable data transfer vs. applications that tolerate losses
● Throughput: guaranteed throughput vs. best effort; bandwidth-sensitive applications (streaming apps, ...) vs. "elastic" applications (HTTP, FTP, ...) → elastic means that the timing aspect, i.e. the time component, is not important
● Timing: guaranteed timing for a specific path; metrics: end-to-end delay vs. delay variation
● Security: encryption, data integrity, authentication, etc.

4.4 Which are the four components/extensions which application-layer protocols typically add to transport-layer functionality in terms of syntax and semantics?
Source: CN2-04-Application p. 30
● Type of the messages exchanged: request, response
● Message syntax: message layout, position of the protocol fields
● Message semantics: meaning of the information in the individual protocol fields (including payload data)
● Protocol flow and sequence: rules (when is what sent), state diagrams (can be very complex)

4.5 Compare today's application protocols with respect to in-band and out-of-band signalling. Give examples, discuss benefits and drawbacks of the two variants.
In-band signaling is used more often today:
● one connection is used for data as well as for control
● data and control are sent over the same channel! (e.g. HTTP and SMTP: commands and content in the same TCP connection; simple, one connection to manage, but the parser has to separate control from data, and control is delayed behind data)
Out-of-band signaling: (reasons: different characteristics of data and control, performance → FTP: dedicated connection for binary data transfer) different transport characteristics are required. SIP: signaling reliable (TCP), media data unreliable (UDP/RTP).

4.6 What are the essential functions of DNS (domain name system)? What were the five main goals in the definition of DNS? How was the functionality of the Internet DNS implemented BEFORE the definition/implementation of DNS?
● Function: mapping of human-readable names to resources (important: the task is not only the mapping between hosts and IP addresses; that is only one part and could be solved much more simply). Flexibility, simplicity and ease of use, distributed database with local caching. Target: hierarchical namespace; mapping of a name/identifier to a resource, NOT ONLY for domains/IPs.
Standard DNS tasks:
● name resolution (name to IP address; reverse translation → IP address to host name)
● host aliasing: a host has several names (e.g. kronos.ibk.tuwien.ac.at has the aliases www.ibk.tuwien.ac.at and ibk.tuwien.ac.at)
● mail server aliasing (e.g. mail.smtp.tuwien.ac.at can be referenced as tuwien.ac.at)
● load distribution: DNS distributes the load over several IP addresses (rotates the IPs in the answer)
DNS is:
● a distributed database consisting of cooperating DNS servers
● an application-layer protocol that allows hosts to query the database
Design goals: Source: CN2-04-Application p. 42
● consistent namespace: independent of network identifiers, addresses, routes
● distributed database with local caching: mainly because of the size and the update frequency; local control over local resources (i.e. a host can be added or deleted locally without contacting another organization); caching increases performance
● generic concept: not limited to a single service, different resource types
● independent of the transport system: DNS is not restricted to IP, it also supports other networks and transport protocols
● independent of the hardware: usable by small nodes as well as by large servers
Earlier implementation: by means of a file HOSTS.TXT, which was maintained by the NIC and downloaded by every host via FTP → problem: growth of the Internet, HOSTS.TXT became ever larger, and every host had to refetch the whole file to see a change.

4.7 Describe the architecture (components) of DNS and the DNS-specific terms.
● client-server model
● main components (hierarchically organized):
○ Name servers (NS): hold the data and are responsible for database updates
○ Clients (resolvers): the user interface to DNS, failure recovery, distribution of queries
● name servers manage 2 types of data
○ Zones: the complete database for a subtree of the domain space (authoritative)
○ Cached data: stored entries of other zones

4.8 How does a DNS client find the first DNS server which is to be contacted for name resolution?
The first DNS server is normally preset (fixed configuration or via DHCP); if that local server has no cached answer, it starts at the root servers and works down to the authoritative NS, which returns the answer to the local NS.

4.9 What is a DNS Resource Record? Detail on the RR structure. What is the DNS RR type required for? Specify at least five examples of DNS Record Types (preferably those that are of importance for SIP-based multimedia communication).
DNS Resource Record: the DNS data store; DNS servers store the DNS structure as data in so-called resource records (4-tuple: Name, Value, Type, TTL; on the wire there is also a class field, in practice always IN), e.g.:
● A-type record: Type=A, Name=the host's complete domain name (FQDN, fully qualified domain name), Value=the host's IPv4 address, TTL=time to live (how long the record may be cached)
The type says how Value is to be interpreted. Examples of DNS record types:
○ A record: IPv4 address
○ AAAA record: IPv6 address
○ CNAME: alias (canonical name)
○ NS: reference to the authoritative name server of a zone
○ PTR: pointer record → pointer to a canonical name (reverse lookup)
○ SRV: service locator → generalized service location (e.g. which host and port offer the SIP service of a domain)
○ MX: mail exchange
○ NAPTR: naming authority pointer (used by ENUM, see 4.14)
○ TXT: free text
○ CERT: certificate

4.10 Two key concepts in the architecture of DNS increase DNS performance to scale for worldwide use. Which are these? Explain the concept of authoritative NS in this context.
● local caching
● distribution of the root servers with anycast addresses ("one-of-n" semantics: the nearest DNS server answers)
● TTL-controlled validity of cached records
Source: https://en.wikipedia.org/wiki/Authoritative_name_server
Authoritative NS: an authoritative name server is a name server that gives answers in response to questions asked about names in a zone. Name servers can also be configured to give authoritative answers to queries in some zones, while acting as a caching name server for all other zones.
In my view: the authoritative DNS server is responsible for its zone/domain; the non-authoritative DNS servers ask the authoritative DNS server (DNS query) and cache its answers.
DNS TTL → specifies how long an RR is valid; afterwards the RR has to be fetched again (a trade-off has to be found between a TTL that is too small (→ high traffic) and a high TTL (→ changes are not picked up for a long time)).
A DNS request of type NS also returns the authoritative NS of a zone.

4.11 Which two query strategies are supported by DNS? Sketch down one hypothetical query sequence diagram (e.g., for www.google.com) for any of the two strategies and explain benefits and drawbacks from a client and a server perspective.
● Iterative query (used mostly)
○ local DNS server
○ reduces the load on the root DNS servers
○ large potential for caching at the local DNS server
○ but the load on the local DNS server is increased → load distribution
● Recursive query (used only rarely)
○ the local DNS server delegates the query to another server, which resolves it completely
○ generates a lot of traffic in the network
○ does not really fit the hierarchical structure of the DNS design
In practice the two are combined: the stub resolver on a host sends a recursive query to its local DNS server, which resolves the name iteratively (root → TLD → authoritative NS); authoritative servers typically refuse recursion.

4.12 Explain the four main sections of a DNS response, their meaning and status (optional, mandatory)
● Question section: the question for a specific RR (DNS resource record); mandatory
● Answer section: one or more RRs (resource records) that were requested; empty if the name does not exist
● Authority section: if the NS (name server) does not have the answer to the query, it announces which NS should be contacted instead (NS records of the zone); optional
● Additional section: helpful RRs (e.g. an A record for a CNAME query, or the A records of the name servers listed in the authority section); optional

4.13 Why is DNS security so important? Detail on possible attacks and their severity and likelihood to be detected.
If DNS does not work, the Internet does not work either (almost every application starts with a name lookup).
Attack possibilities:
● (Distributed) Denial of Service
○ overload the root servers with traffic
○ overload the TLD servers (top level domain servers) → done more often than attacks on the root servers, since most queries to the root servers are answered from caches
● redirect/infect DNS traffic (man-in-the-middle: modify the answer RRs (resource records); DNS poisoning: a DNS server caches a forged answer; the forged answer has to match the query ID and source port, which is why unpredictable IDs and ports matter)
● misuse: use of DNS (open resolvers, small queries with large answers) to generate a DDoS (distributed denial of service) by reflection and amplification
Detectability: a DoS is obvious; poisoning is hard to detect by the victim, because the user receives a plausible answer.

4.14 What does ENUM do, what is it needed for and how is it related to the DNS?
ENUM = E.164 NUmber Mapping; E.164 is the ITU standard for the format of international telephone numbers.
Motivation: bringing cellular/telephone networks and data networks together → a common addressing scheme is not feasible → telephony uses E.164 numbers, the Internet uses IP addresses (SIP URIs).
The task of ENUM is to translate a telephone number into a SIP URI (Uniform Resource Identifier) by means of the DNS.
This works as follows: we look for the SIP URI that belongs to the E.164 phone number +43 1 58801 38813
1. Remove "+" and spaces: 4315880138813
2. Reverse the digit order: 3188310885134
3. Add dots after each digit: 3.1.8.8.3.1.0.8.8.5.1.3.4
4. Append the domain suffix e164.arpa: 3.1.8.8.3.1.0.8.8.5.1.3.4.e164.arpa
5. Query the NAPTR records for 3.1.8.8.3.1.0.8.8.5.1.3.4.e164.arpa; their regular-expression rules rewrite the number into the URI(s)

4.15 List and explain the (generic) components required for end-to-end email exchange.
● store-and-forward concept
● servers are "always on" → clients are online only temporarily
● components for mail
○ User agents: mail clients (Thunderbird, Outlook, ...), "Mail User Agents" (MUA)
○ Mail servers: registered in DNS via MX records, store mails in the user's mailbox, forward mails via an outgoing queue, "Mail Transfer Agents" (MTA)
○ Transfer protocols:
■ mail transfer (SMTP: Simple Mail Transfer Protocol)
■ mail download (POP3, IMAP)

4.16 Sketch a sequence diagram for generic end-to-end email exchange, including all involved parties (DNS) and explain the steps.

4.17 Describe the main concepts, design and functionality of SMTP. Topics: standardization, functionality, for which tasks it is used for (and for which not), error handling, message format and encoding.
● SMTP: Simple Mail Transfer Protocol, standardized in RFC 5321
○ connection-oriented, text-based
● SMTP defines the message exchange protocol
● SMTP is for the exchange of mail messages:
○ sending a mail from the user to the server (submission)
○ exchange of messages between mail servers
○ NOT for a user retrieving mail from a server
● SMTP uses TCP (reliable, packets received in the correct order)
● mail forwarding and transfer between servers uses port 25
● mail submission from a user uses port 587
● sequence of a mail transmission:
○ the client sends the mail to its mail server (can be done by hand via telnet to port 25: HELO/EHLO, MAIL FROM, RCPT TO, DATA)
○ the server locates the recipient's mail server via DNS (MX record)
○ the sending server connects to the recipient's mail server
○ the sending server forwards the mail to the recipient's mail server
○ the recipient's mail server stores the message in the user's mailbox
● Error handling: transient vs. permanent errors (4xx vs. 5xx reply codes)
○ backup strategies → delayed delivery → the sending server puts the message into a queue and periodically tries to reach the recipient server (up to a timeout)
○ error if the recipient server cannot be reached (4–5 days) → the sender of the message is informed (bounce)
● SMTP message transfer:
○ originally: plain text (7-bit ASCII code) → problem with objects (e.g. images) → remedy: MIME (Multipurpose Internet Mail Extensions)
○ in-band control communication: commands are also sent as plain text → the order matters
● Security: → since plain text is used → insecure → eavesdropping, interception, modification; still insecure even if TLS/SSL is used, since that only secures the hop between the sending client and the sending server (or between two servers), not the message end to end → the sending server has to be protected (otherwise e.g. port 25 can be abused for sending spam: open relay) → remedy: forwarding between mail servers is secured by authentication, or mail is relayed only between known mail servers (not to external ones); blacklists of mail servers that send spam
Mail retrieval by means of various protocols → POP3 (Post Office Protocol version 3), IMAP (Internet Message Access Protocol), or proprietary protocols (push e-mail).

4.18 Detail on SMTP security threats and solutions.
→ see question 4.17

4.19 Describe the main concepts, design and functionality of the POP3 protocol. Topics: need for POP3 (why can't we use SMTP instead of POP3?), protocol basics (encoding, architecture), POP3 session states, security issues.
● SMTP cannot be used, because the client would have to be "always on" (SMTP pushes mail to a listening server; a mailbox has to be pulled by the client)
● POP3 (Post Office Protocol version 3) is standardized in RFC 1939
● client-server
● text-based control → authentication (username and password) also in clear text → security remedy: SSL or TLS (POP3 over TLS)
● POP3 uses different phases (states):
○ Authorization: the user authenticates to the POP3 server
○ Transaction: downloading mails (only possible after the authentication succeeded)
○ Update: ending the session, clean-up (deletions are carried out)
● commands are used to control the server (e.g. to download a mail) → USER, PASS, QUIT, STAT, LIST, RETR, DELE, NOOP, RSET
● POP3 answers with +OK or -ERR
● in each phase only certain commands are allowed (e.g. in the authorization state → USER, PASS, QUIT)

4.20 Detail on the IMAP protocol.
Topics: protocol, improvements, added functionality and drawbacks of IMAP when compared to POP3
● IMAP... Internet Mail Access Protocol
● POP3 → very simple → download and delete mails, no state across sessions, no folder structure possible in the mailbox
● IMAP → folder structure also possible on the server, selective download of message parts, more features (but also more complex)
● IMAP is connection-oriented, uses TCP
● also has different states (in which only certain commands are permitted)
4.21 Describe the HTTP protocol architecture and concepts. Topics: reason for WWW success, WWW building blocks, standardization, HTTP transport protocols, components and operation.
HTTP... Hyper Text Transfer Protocol
● Information on demand, simplicity of providing information on a web page, navigation and search function, applications such as Facebook, Youtube, ...
● Main WWW building blocks:
  ○ Hyper Text Transfer Protocol (HTTP): data transfer
  ○ Hyper Markup Language (HTML): content
● Client-server model, request-response messaging
● stateless
● HTTP uses the reliable transport protocol TCP as its underlying protocol (also possible via SSL → HTTPS)
● HTTP defines:
  ○ the structure of messages
  ○ the protocol flow (how a client can request a web page from a server, how the server sends the exchange message)
● A web page consists of objects → an object is a file that is reached via a URL (objects e.g. JPEG image, video file, Java applet, ...)
● The client side is implemented in the web browser
● HTTP message:
  ○ Request (sent from the client to the server) - Response (from the server to the client)
  ○ plain-text ASCII, variable message size
● An HTTP message consists of:
  ○ request line
  ○ header (variable number of header lines)
  ○ body (separated from the header by an empty line)
4.22 Compare persistent HTTP against non-persistent HTTP, benefits and drawbacks from client and server perspective.
Sketch the sequence diagrams for transferring two objects as part of one web page for the two variants, respectively.
● non-persistent: the HTTP server closes the TCP connection after transferring one object → a new TCP connection is required for every object on a web page; it is, however, possible to open several TCP connections in parallel (but only up to a certain number)
● persistent: the HTTP server keeps the TCP connection open after an object has been transferred → the TCP connection can therefore be reused
● HTTP performance: delay until a page is displayed at the client → depends on a whole chain (DNS request, one RTT for the TCP connection setup, one RTT for the HTTP query, server delay e.g. due to a database query, delay due to the file transfer)
4.23 Explain HTTP cookies and caching. Which specific HTTP headers are used for improving cache performance and reducing network transfer?
● HTTP cookies → to store and restore the server state
● Caching → increases performance → proxy server → caches responses → when another client requests the same information, it is served the cached data.
● Headers:
  ○ Last-Modified - timestamp
  ○ If-Modified-Since - the proxy requests the HTTPS server; if the cache is still valid, only the header is replied.
4.24 Describe the FTP protocol. Topics: architecture, transport protocols, messaging, NAT/firewall troubles and solutions, security issues, alternatives.
● File Transfer Protocol... FTP
● most important requirement: reliable copying of data between a local and a remote host
● client-server architecture
● reliable connection, byte stream
● clear-text-based protocol
● authentication optional and via a clear-text password → not secure
● two different connections are used → i.e. out-of-band signalling --> port 21 for server control, port 20 for server data
● the connection is terminated after each transfer
● different states with specific commands
  ○ Authentication: USER, PASS
  ○ Transfer: LIST, PWD, CD dir, PASV, RETR, STOR
  ○ Close: QUIT
● FTP is used less and less, since it is not secure and has problems with NAT → replaced by HTTP/HTTPS download, SFTP, SCP, ...
● NAT problem: to transfer data from the server to the client, the server would have to open a connection, which is usually not possible. Passive mode: the client opens a connection to the server.
5 Part 5: Multimedia Networking and SIP
5.1 What is the main challenge in transferring multimedia content over packet-switched networks? List and explain the three distinct classes of multimedia applications (according to their networking requirements).
Challenges:
● Requirements depend on the specific multimedia type
● From 10 kbps audio to more than 3 Mbps video
● Response times
● Real-time requirements
Classes of multimedia:
● Streaming or stored audio or video
  - Streaming: receiver starts playout before receiving the entire file
  - Stored audio: the entire file must be received before playout starts
● Streaming live audio/video
  - Live sports events
● Conversational audio/video
  - Human conversation
5.2 Explain the three main properties (characteristics) of video which have been presented in the lecture. Detail on the variants of redundancy which are exploited by modern video codecs and on video bit rates.
Video properties:
● Frame (image) rate
  - E.g., 24 or 30 images (frames) per second (fps)
  - The higher the frame rate, the higher the bit rate
● Frame (image) size
  - E.g., 1920x1080, 640x480, ...
● Compression:
  - Exploit spatial and temporal redundancy
Redundancy:
● Spatial: within one image (blue sky, similar colour)
● Temporal: between subsequent images (delta)
5.3 Explain audio coding and sampling.
When converting an analog audio signal, which technical parameters bias on the quality of the digitalized output result?
● Analog audio signal sampled at a constant rate
  - Telephone: 8000 samples/sec
  - CD music: 44100 samples/sec
● Each sample quantized
  - E.g., 2^8 = 256 possible quantized values
  - Each quantized value represented by bits, e.g., 8 bits for 256 values
● Example: 8,000 samples/sec, 256 quantized values:
  - 64,000 bps
● Receiver must convert bits back to an analog signal:
  - Some quality reduction
  - Quantization error
● Example rates
  - CD: 1.411 Mbps
  - MP3: 96, 128, 160 kbps
  - Internet telephony: starting at 5.3 kbps
5.4 Which factors and constraints must be considered when replaying audio or video (at variable bit rate and at constant bit rate)? Sketch the corresponding time diagrams.
● CBR (constant bit rate):
  - video encoding rate fixed
● VBR (variable bit rate):
  - video encoding rate changes as the amount of spatial and temporal coding changes
● Other challenges:
  ○ Client interactivity:
    ■ Pause, fast-forward, rewind, jump through the video
  ○ Video packets may be lost, retransmitted, reordered
5.5 Which models exist for quantifying perceived audio signal quality? Which two factors impair most on the perceived voice quality? Which standardization organizations have set which limits (give these values).
Mean Opinion Score (MOS)
● Method for the subjective determination of transmission quality
● Standardizes subjective listening tests
● 1-5 rating: 1 being very annoying, 5 no noticeable difference
E-Model (R-Value)
● Percentage: how many people are satisfied with the audio quality
ITU-T (International Telecommunication Union) Recommendations: G.114, Y.1541
Mouth-to-ear delay (including packetization, etc.): end-to-end delay
● <150 ms: good
● 150-400 ms: acceptable
● >400 ms: not acceptable
Packet loss from 1% to a maximum of 10% acceptable
5.6 Audio quality estimation differentiates between two types of algorithms. Name these two algorithms and explain benefits and drawbacks.
R-Value and MOS????
5.7 Discuss trade-offs, challenges and possible solutions in VoIP communications (focus: adaptive playout adjustment).
Trade-off: playout delay vs. loss rate
● Goal: low playout delay, low late-loss rate
  - Adaptive playout delay adjustment
  - Function of the network delay
  - Packets played out every 20 msec during a talk spurt
● Recovery from packet loss
  - Retransmission not feasible
  - Forward Error Correction (FEC)
    ● Add redundant data to packets
  - Interleaving
    - Partition packets into smaller chunks (e.g. 5 ms)
    - Distribute the samples onto several packets
5.8 Describe in brief the steps and components which are required to transfer voice over packet-switched IP networks (chain from transmitter to receiver).
5.9 Which transport protocol is used by RTP? Which real-time data transport essential information includes the RTP header?
RTP: Real-Time Transport Protocol
RTP (application layer) is implemented on top of UDP (User Datagram Protocol, transport layer)
Essentials in the header:
● Sequence number: 16 bit, incremented for each RTP packet, used to detect packet loss and to restore the packet sequence
● Timestamp: 32 bits, reflects the sampling time of the first payload octet, used for synchronization and jitter calculations, granularity determined by the payload type
5.10 Given an RTP stream and a network path with specific delay (100 ms) and loss rate (3%). The RTP stream is sent over the network path before at the path egress (exit) the stream's perceived QoS (pQoS) is computed. Will the pQoS results for two subsequent measurements be identical? Explain!
Different streams: statistically, the 3% loss could fall into a short interval; then the PERCEIVED QoS will be much lower. Loss period length. Very subjective observation!
5.11 What is the function of the jitter buffer in real-time communications? Which benefits and drawbacks are associated with it? Which information in the RTP header is essential for the processing of RTP packets in the jitter buffer?
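A receiver-side view of the RTP header fields listed in 5.9 and of the information a jitter buffer (5.11) works from, as an added example that is not part of the original notes: the packets are constructed in the code, an 8 kHz audio clock with 20 ms packets is assumed, and the jitter formula is the one from RFC 3550 section 6.4.1. It shows how the 16-bit sequence number (with wrap-around) yields the loss count of 5.10 and how a reordered or late packet inflates the jitter estimate.

```python
"""Receiver-side RTP processing: header parsing, sequence-number loss detection
and the RFC 3550 interarrival jitter estimate. Added example, not from the notes."""
import struct

RTP_HEADER_LEN = 12        # fixed header, no CSRC list
CLOCK_RATE = 8000          # assumed: 8 kHz audio clock (e.g. G.711)
SAMPLES_PER_PACKET = 160   # assumed: 20 ms of audio per packet


def build_rtp_packet(seq, ts, ssrc=0x1234ABCD, pt=0, marker=False, payload=b"\x00" * 160):
    """Construct an RTP packet: version 2, no padding/extension/CSRC (sample data only)."""
    b0 = 0x80                                     # V=2, P=0, X=0, CC=0
    b1 = (0x80 if marker else 0) | (pt & 0x7F)    # M bit and 7-bit payload type
    return struct.pack("!BBHII", b0, b1, seq & 0xFFFF, ts & 0xFFFFFFFF, ssrc) + payload


def parse_rtp_header(packet):
    """Parse the fixed 12-byte RTP header (RFC 3550, section 5.1)."""
    if len(packet) < RTP_HEADER_LEN:
        raise ValueError("packet shorter than the fixed RTP header")
    b0, b1, seq, ts, ssrc = struct.unpack("!BBHII", packet[:RTP_HEADER_LEN])
    if b0 >> 6 != 2:
        raise ValueError("not an RTP version 2 packet")
    return {"padding": bool(b0 & 0x20), "extension": bool(b0 & 0x10),
            "csrc_count": b0 & 0x0F, "marker": bool(b1 & 0x80),
            "payload_type": b1 & 0x7F, "sequence": seq,
            "timestamp": ts, "ssrc": ssrc}


def count_lost(sequences):
    """Estimate lost packets from the 16-bit sequence numbers in arrival order.
    The gap is taken modulo 65536, so wrap-around from 65535 to 0 is handled;
    a 'negative' gap is a late (reordered) packet and cancels one assumed loss."""
    lost, highest = 0, None
    for seq in sequences:
        if highest is None:
            highest = seq
            continue
        gap = (seq - highest) & 0xFFFF
        if gap == 0:
            continue                    # duplicate
        if gap >= 0x8000:
            lost = max(lost - 1, 0)     # late arrival of a packet counted as lost
            continue
        lost += gap - 1                 # sequence numbers skipped
        highest = seq
    return lost


def interarrival_jitter(arrivals, clock_rate=CLOCK_RATE):
    """Running jitter estimate J in timestamp units (RFC 3550, section 6.4.1):
    D = (arrival delta in ticks) - (timestamp delta); J += (|D| - J) / 16.
    arrivals: list of (arrival_time_ms, rtp_timestamp) in arrival order."""
    jitter, prev = 0.0, None
    for arrival_ms, ts in arrivals:
        if prev is not None:
            d = (arrival_ms - prev[0]) * clock_rate / 1000 - (ts - prev[1])
            jitter += (abs(d) - jitter) / 16
        prev = (arrival_ms, ts)
    return jitter


def receiver_stats(received):
    """received: list of (arrival_time_ms, packet_bytes) as seen on the wire.
    Returns (lost, jitter, playout_order); playout_order is the sequence order a
    jitter buffer restores before handing packets to the decoder."""
    headers = [(t, parse_rtp_header(p)) for t, p in received]
    lost = count_lost([h["sequence"] for _, h in headers])
    jitter = interarrival_jitter([(t, h["timestamp"]) for t, h in headers])
    playout_order = sorted(h["sequence"] for _, h in headers)
    return lost, jitter, playout_order


def constructed_stream():
    """Constructed sample: seven packets sent 20 ms apart; seq 3 is lost, seq 4
    and 5 arrive swapped, and seq 2 arrives 5 ms late."""
    arrivals = [(0, 0), (1, 20), (2, 45), (5, 80), (4, 100), (6, 120)]
    return [(t, build_rtp_packet(seq, seq * SAMPLES_PER_PACKET, marker=(seq == 0)))
            for seq, t in arrivals]
```

The jitter estimate rises with every reordered packet because the receiver compares arrival spacing against timestamp spacing in arrival order; this is exactly why the jitter buffer needs the timestamp and not just the sequence number, and why a short burst of loss or reordering changes a perceived-QoS measurement between two runs with the same average loss rate.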
RTP header: the timestamp (32 bit) is used for jitter calculations
Client-side buffering enables compensation of delay and jitter:
Advantages:
- Can compensate congestion
- Reorders packets
- Uniform delay between packets
Disadvantages:
- Causes additional delay
5.12 Do SIP signalling and RTP media streams follow same or distinct routes? Why? Who determines the use of intermediate nodes?
Basic rule: SIP requests and all associated responses must ALWAYS follow the same route!
- Responses use the reverse route of the request
- Safeguards consistent state in intermediate nodes
Why? Who? ISP
RTP can take a different path to optimize routing.
5.13 Which is the main task of the RTCP protocol? Name and discuss the four functions that RTCP fulfils. Name the RTCP packet types and describe the reason and function of RTCP rate limiting.
Real-Time Transport Control Protocol (RTCP)
Four functions
● Feedback on the quality of data distribution
● RTCP carries a source identifier: CNAME (for sync)
● Control rate based on the number of participants
● (optional): Convey minimum control information
RTCP packet types
● Receiver report: fraction of packets lost, last sequence number, average inter-arrival jitter
● Sender report: SSRC (Synchronisation Source) of the RTP stream, current time, number of packets sent, number of bytes sent
● Source description: e-mail address of the sender, sender's name, SSRC of the associated RTP stream: mapping SSRC to host name
RTCP rate limiting
- Security mechanism: prevent overload
- Max. 5% of the session bandwidth
- Out of which 75% to receivers, 25% to senders
5.14 Name the RTCP packet types and their purpose. Describe and discuss the reason and function of RTCP rate limiting (including values).
see 5.13
5.15 What is SIP? Explain the key features of SIP. Is SIP sufficient to fully implement phone calls over IP? Which are the transport protocols used by SIP?
Session Initiation Protocol (SIP)
● Setup and teardown of connections
● Conference management
● Naming and addressing infrastructure
● Flexible service creation environment
● User and service location
● User authentication
● Independent of network and transport protocols
  - UDP, TCP, IPv4, IPv6
● Simple
● Fault resistant
5.16 Name and describe the main four functions which SIP performs.
SIP performs
● Session set-up & tear-down
● User location
  ○ Find the terminal a user is currently logged onto
● User availability
  ○ Willingness of the called party to accept the call
● User capabilities
  ○ Negotiate media capabilities of participants and systems
5.17 Name the three SIP server types (based on the storing of state information in SIP servers)? Indicate for each of these server types at least one application area.
● Proxy Server
  - Relays call signaling
  - Provides a proprietary interface to the Registrar
● Registrar
  - Accepts registrations from users
  - Stores user location & information
● Redirect Server
  - Redirects requests
● Back-to-Back User Agent (B2BUA)
  - Can be used for topology hiding
5.18 Describe the main features of the SIP protocol (message format, encoding, message types). How can one categorize SIP messages according to their type (aligned with HTTP)? Name and explain the status-code-defined classes / categories of reply messages in SIP (similar to HTTP).
Message format:
● Two types of SIP messages:
  - SIP Requests
  - SIP Responses
● Common SIP message structure:
  - A start line
  - Several message headers
  - An empty line (<CR><LF>)
  - An optional message body, e.g. SDP
Types of status codes:
• Provisional (1xx) - request received, continuing to process the request
• Success (2xx) - the request was accepted
• Redirection (3xx) - further action needs to be taken to complete the request
• Client Error (4xx) - the request contains bad syntax or cannot be fulfilled at this server
• Server Error (5xx) - the server failed to fulfil the request
• Global Failure (6xx) - the request cannot be fulfilled at any server
5.19 How do the SIP standard documents term a SIP endpoint (terminal)? Which two roles can the terminal have? What is the reason of this strict logical separation?
User Agent (UA) communication roles
- Active (initiating) part: User Agent Client (UAC)
- Passive (server) part: User Agent Server (UAS)
Logical separation also for charging
5.20 Explain the concepts and grouping of SIP-based messaging and communications - i.e., identify and explain the groups of associated messages defined by SIP.
● Message (text, Request, Response)
● Transaction (sequence between UAC and UAS - first request and last response)
● Dialog (INVITE until BYE)
● Call: all the dialogs a UA is involved in
5.21 Describe the process of call setup in SIP in the form of a sequence diagram (requests, responses, message name). How is a SIP-address named in the SIP standards? Give an example of a SIP address.
Simple end-to-end call:
• SIP Address: Uniform Resource Identifier (SIP URI)
Generic SIP URI syntax: sip:user:password@host:port;uri-parameters?headers
Example: CN_11-[email protected]
5.22 What are the mechanisms used by SIP to compensate for packet loss? Are Invite and non-Invite transactions treated differently with respect to this criterion? Detail your answer and explain.
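A parser for the message structure and URI syntax given in 5.18 and 5.21 (start line, header lines, empty CRLF line, optional body; sip:user:password@host:port;uri-parameters?headers), as an added example that is not part of the original notes. The two sample messages are constructed; the status-class names are the ones listed in 5.18. It also shows two checks a defender wants in any SIP parser: rejecting a message without the empty separator line, and rejecting a body whose size disagrees with Content-Length.

```python
"""Parsing SIP requests/responses and SIP URIs. Added example, not from the notes."""
import re

CRLF = "\r\n"
STATUS_CLASSES = {1: "Provisional", 2: "Success", 3: "Redirection",
                  4: "Client Error", 5: "Server Error", 6: "Global Failure"}

# Generic form from the notes: sip:user:password@host:port;uri-parameters?headers
_SIP_URI = re.compile(
    r"^(?P<scheme>sips?):"                                   # sip: or sips:
    r"(?:(?P<user>[^:@;?]+)(?::(?P<password>[^@;?]*))?@)?"   # optional userinfo
    r"(?P<host>\[[0-9A-Fa-f:.]+\]|[^:;?]+)"                  # host, IPv4 or [IPv6]
    r"(?::(?P<port>\d+))?"
    r"(?P<params>(?:;[^;?]*)*)"                              # ;key=value ...
    r"(?:\?(?P<headers>.*))?$")                              # ?hdr=value&...


def parse_sip_uri(uri):
    """Split a SIP URI into its components; absent parts are None or empty."""
    m = _SIP_URI.match(uri)
    if not m:
        raise ValueError(f"not a SIP URI: {uri!r}")
    params = dict(p.partition("=")[::2] for p in m.group("params").split(";")[1:] if p)
    headers = dict(h.partition("=")[::2] for h in (m.group("headers") or "").split("&") if h)
    return {"scheme": m.group("scheme"), "user": m.group("user"),
            "password": m.group("password"), "host": m.group("host"),
            "port": int(m.group("port")) if m.group("port") else None,
            "params": params, "headers": headers}


def status_class(code):
    """Map a status code to the 1xx..6xx class names used above."""
    if not 100 <= code <= 699:
        raise ValueError(f"status code out of range: {code}")
    return STATUS_CLASSES[code // 100]


def parse_sip_message(raw):
    """Parse one SIP message: start line, headers (name -> list of values,
    in order, so repeated Via lines survive), empty line, optional body."""
    head, sep, body = raw.partition(CRLF + CRLF)
    if not sep:
        raise ValueError("SIP message lacks the empty line separating headers and body")
    lines = head.split(CRLF)
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        if not colon:
            raise ValueError(f"malformed header line: {line!r}")
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    parts = lines[0].split(" ", 2)
    if len(parts) != 3:
        raise ValueError(f"malformed start line: {lines[0]!r}")
    msg = {"headers": headers, "body": body}
    if parts[0].startswith("SIP/"):               # response: SIP/2.0 <code> <reason>
        code = int(parts[1])
        msg.update(kind="response", version=parts[0], status=code,
                   reason=parts[2], status_class=status_class(code))
    else:                                         # request: <METHOD> <Request-URI> SIP/2.0
        msg.update(kind="request", method=parts[0],
                   request_uri=parse_sip_uri(parts[1]), version=parts[2])
    declared = headers.get("content-length")
    if declared and int(declared[0]) != len(body.encode()):
        raise ValueError("Content-Length does not match the body size")
    return msg


# Constructed sample messages (addresses are documentation/example values).
SAMPLE_INVITE = CRLF.join([
    "INVITE sip:bob@example.net;transport=udp SIP/2.0",
    "Via: SIP/2.0/UDP proxy.example.net;branch=z9hG4bK776",
    "Via: SIP/2.0/UDP 192.0.2.10:5060;branch=z9hG4bK123",
    "From: <sip:alice@example.net>;tag=1928",
    "To: <sip:bob@example.net>",
    "Call-ID: a84b4c76e66710@192.0.2.10",
    "CSeq: 1 INVITE",
    "Content-Type: application/sdp",
    "Content-Length: 5",
    "",
    "v=0\r\n",
])
SAMPLE_RINGING = CRLF.join([
    "SIP/2.0 180 Ringing",
    "Via: SIP/2.0/UDP proxy.example.net;branch=z9hG4bK776",
    "Via: SIP/2.0/UDP 192.0.2.10:5060;branch=z9hG4bK123",
    "From: <sip:alice@example.net>;tag=1928",
    "To: <sip:bob@example.net>;tag=8321",
    "Call-ID: a84b4c76e66710@192.0.2.10",
    "CSeq: 1 INVITE",
    "Content-Length: 0",
    "",
    "",
])
```

Header names are folded to lower case because SIP header names are case-insensitive; values are kept as lists so that the ordered Via stack of 5.25 is preserved exactly as it arrived.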
Lost messages are retransmitted
● Needed for unreliable transport (UDP)
● Initial retransmission timer value T1
  ○ default: 500 ms
● Estimated round-trip time (RTT)
● Timers A, B, D
● Doubled for each retransmit (for INVITE requests)
● Maximum limited to 32 s
5.23 Why do we need a SIP registration (i.e., what is a SIP registration required for, which functionality is associated with a SIP registration)
User contact information, availability, authentication
Location!!! Database of registered users - SIP URI -> transport address
5.24 How can an existing SIP registration be deleted? Which message is used on this purpose? How can a registration of one single UA be deleted and how the registration of all UAs of this specific user?
REGISTER command with "Expires: 0"
To delete all UAs: "Contact: *" in REGISTER (and Expires: 0)
5.25 Describe the routing process in SIP. Based on what information and how exactly does (SIP) route initial requests from sender to receiver? What information determines the route of their answers (responses)?
Responses use the reverse route of the request!
Via header in SIP requests
● Used for recording the route of a request
● The order of the Via header fields is important
● The UA generating a request records its own contact address in the first Via header field
● A proxy forwarding the request adds its own address at the top of the Via header
● The Via header is required for routing SIP responses back to the originator of the SIP request (same path!)
● The Via header of the request is copied into the response and the response is sent back to the first Via header entry
● A proxy forwarding the response removes the top Via field (itself) and forwards the response to the address specified in the next Via field
5.26 Which SIP headers support the deterministic routing of subsequent requests in SIP?
With the Route header - all proxies are traversed in reverse order. During the INVITE the Route header is built up and sent along with the OK; with the next request (BYE) the Route header is used.
5.27 Explain by means of sequence diagrams, the different behaviour of the three SIP proxy options discussed in the lecture (and name these three proxy variants).
● Stateless Proxy
  ○ Easier to implement, fast processing of SIP messages
  ○ Cannot support TCP
  ○ Must not generate its own provisional responses (1xx)
  ○ Cannot be used for billing, forking, application control, ...
● Transaction Stateful Proxy
  ○ Remembers the state of any SIP transaction (required for forking)
  ○ Can generate its own provisional responses (1xx)
  ○ Can support TCP and/or UDP
  ○ Cannot be used for billing and application control
● Call Stateful Proxy
  ○ Remembers the state of every SIP call (forking)
  ○ Needed for billing and for application control
5.28 Which protocols are typically used together with SIP for multimedia communication? Why?
RTP for multimedia transport, SDP for setting up the multimedia data connection, RTCP Realtime Transmission Control Protocol, RSVP, STUN, TURN, ICE (NAT traversal)
5.29 What does SDP? How does SDP enable connection establishment and which role does it play exactly? How is a RTP connection established in SIP? How are the corresponding connection parameters (e.g. codecs) configured?
Session Description Protocol - specifies the media connections, negotiates the multimedia protocols used (audio/video), session description (information). One party offers a set of codecs and the other party chooses one: session negotiation.
5.30 Describe the problems and challenges of SIP in the context of NAT. Name and explain NAT variants and the standardized solutions to bypass NATs with SIP.
NAT: network address translation
● SIP (Session Initialization Protocol) signaling issues
  ○ SIP headers will contain the wrong IP and port number
  ○ The pinhole in the firewall / NAT will time out on inactivity
    ■ Typically less than 1 minute
    ■ If this occurs, the client can't receive incoming calls
• Application Level Gateways (ALG) - service inside the NAT
NAT types
● Full cone NAT
● Restricted cone NAT
● Symmetric NAT
NAT traversal
● STUN - connects to an external server that registers the external IP to which the other peer can connect. Problem if both clients are in the same NAT.
● TURN - tunneling through the TURN server
● ICE - utilises STUN and TURN
5.31 Does SIP offer functionality to modify parameters of an already established SIP RTP connection? Justify and describe the mechanisms that prevent or permit the modification.
Through re-INVITEs (the same INVITE with the same session description but different profiles). Can be rejected or accepted by the remote party. Changed network conditions might require or allow different parameters (codec).
5.32 How does a SIP device communicate with a device on the PSTN and vice versa? What technical requirements must be fulfilled (signalling, media stream)?
PSTN = Public Switched Telephone Network
● A SIP proxy & IP/PSTN gateway is required.
● RTP data is transcoded to PCM.
● Signalling is converted into PSTN messages (PRACK, 183 Session in Progress).
6 Part 6: IMS
IMS = IP Multimedia Subsystem
Wiki: The IP Multimedia Subsystem (IMS) is a telecommunications system that aims at standardised access to services from different networks. It was specified by the 3rd Generation Partnership Project (3GPP). IMS uses an all-IP network in which all communication is IP-based. The base protocol of IMS is SIP. IMS systems are mainly deployed in mobile networks.
The main tasks of IMS systems are:
● Connecting classical networks (mobile networks following the GSM or UMTS standard, conventional analog or digital (ISDN) telephone networks) with IP-based networks that use Voice over IP.
● Providing additional services for IP-based networks, e.g. providing voice services for LTE networks (Voice over LTE).
● Connecting additional service platforms, e.g. presence services, RCS
6.1 What are the advantages and disadvantages that an "all-IP" infrastructure offers over current communication networks? Identify and compare the main features of the telecom and Internet architecture.
Why "All-IP"?
● Operator view
  ○ Operational (management) aspects
    ■ Maintain two networks (CS, PS), distinct technologies
    ■ Implement services in both worlds
  ○ Deploy services
● User view
  ○ Access transparency
  ○ Unified service infrastructure
● All-IP changes
  ○ All-IP: voice becomes "just another" service, positioned at the same level as all other services
    ■ Telecom: dedicated infrastructure for one service: voice
  ○ Vertical vs. horizontal architecture
Why IP Multimedia Subsystem?
● Co-existence of network technologies and architectures
  ○ Circuit-switched voice
  ○ Packet-switched voice
  ○ Packet-switched services
  ○ Mobile and fixed networks
● VoIP configuration and interoperability
  ○ Complex tasks, users prefer simplicity (Skype)
  ○ Mobile cellular networks
● Overlay network architecture
  ○ Consistent addressing scheme
  ○ Ease of use
Idea: Telecom goes IP!
6.2 The migration of telecommunication networks towards All-IP technology change both, the landscape and the roles of players in the telecommunication market. What are the major risks for existing telecom companies?
Major risk for telecom providers: becoming "just another IP bitpipe"
● IP access providers are interchangeable
● Role restricted to access (IP bitpipe) provider: service providers (aggregators) in the Internet offer the services and bill the customer
● No major differentiation between IP access providers
  - Best effort is considered to be a minor incentive
● Services differentiate between providers
  - IMS offers end-to-end QoS
  - Ties the customer to the operator
6.3 What is IMS? Who standardizes IMS? Which other key technologies are standardized by the same organization? Which areas include the IMS-related standards?
● 3GPP (3rd Generation Partnership Project)
● Combine interoperability (telecom) and flexibility (IP)
  ○ IETF standardizes flexible protocols
  ○ But: IETF standardization alone does not ensure interoperability
    ■ Example: fully SIP-RFC-compliant terminals need not support the same codec -> no audio/video connection!
  ○ ITU's implement-telecom-over-IP approach failed
    ■ H.323 extremely feature-rich, implements "ISDN over IP"
    ■ High effort for implementing a standard-compliant terminal
    ■ H.323 offers advantages over SIP when deployed in a commercial environment but did not succeed on the market.
6.4 List the most important IMS architecture components and describe their main tasks - focus on SIP proxies and IMS databases.
Source: chapter 6, pages 42-50
● Call control entities
  - CSCF: Call Session Control Function
  - Proxy CSCF (P-CSCF) - inbound/outbound proxy for the user equipment
  - Interrogating CSCF (I-CSCF) - routes initial SIP requests to the destination
  - Serving CSCF (S-CSCF) - "brain" of the IMS; authenticates the user - ANY SIP message from or to a specific user MUST be routed through its assigned S-CSCF!
● Database components
  - Home Subscriber Server (HSS) - repository that stores user data
  - Subscriber Location Function (SLF) - required if one provider uses more than one HSS
● Application Servers - execute IMS services
  ○ Native IMS/SIP Application Server (SIP-AS) - platform for newly created services
  ○ Open Service Access - Service Capability Server (OSA-SCS) - interface to support legacy OSA/Parlay applications
  ○ IP Multimedia Subsystem - Service Switching Function (IM-SSF) - integrates legacy CAMEL (Customized Applications for Mobile Network Enhanced Logic) applications with the IMS
● Media Resources
  ○ Media Resource Function Controller (MRFC) - controls the MRFP via MEGACO
  ○ Media Resource Function Processor (MRFP) - generates/mixes/records media streams
● PSTN connectivity
  ○ BGCF: Breakout Gateway Control Function - SIP proxy that selects the PSTN gateway based on the E.164 number in requests
  ○ MGCF: Media Gateway Control Function - converts SIP to ISUP/BICC over IP
  ○ SGW: Signaling Gateway - interfaces CS signaling
  ○ MGW: Media Gateway - transcodes RTP (GSM, AMR, etc.) to PCM
6.5 Compare IMS with plain IETF SIP, discuss advantages and disadvantages of both approaches.
In IMS, access to the proxy is always through the registrar; the address is assigned by the proxy. IMS is more complex than SIP; multimedia is also in IMS - the networks are divided according to the provider.
6.6 By reusing which concept (known from mobile telecommunications) IMS can achieve worldwide availability?
IMS reuses the GSM/GPRS concept
● Home network: infrastructure provided by our home operator
● Visited network: infrastructure provided by an operator who signed roaming agreements with our operator.
6.7 IMS differentiates between two main topologies depending on the positioning of signalling components in home and foreign networks. Name them. What are the advantages and disadvantages?
In both cases, signaling goes through the home S-CSCF.
Home GGSN (Gateway GPRS Support Node) scenario: GGSN and P-CSCF in the home network -> tunnel from the visited network -> QoS loss (delay). Data is also tunneled. PCRF (policy and charging rules function)
Visited GGSN scenario: GGSN and P-CSCF in the foreign network -> SIP messaging from the foreign P-CSCF to the I-CSCF -> makes full use of the IMS features -> high implementation effort. Data is not tunneled.
6.8 Which IMS components are always in the SIP signalling path when routing a SIP message in an IMS network?
HSS, P-CSCF and S-CSCF
6.9 Which components implement services in IMS? Which IMS node integrates these services into the SIP signal flow (through what mechanism)?
Services are implemented on the application servers (plus the necessary media resources). They are integrated by the S-CSCF by means of SIP messages.
6.10 What is meant by IFCs? In which IMS components are they stored? Explain the relationship between IFC, AS and S-CSCF.
Initial Filter Criteria, stored in the HSS. The S-CSCF compares the IFC with the message -> if they match, the message is forwarded to the corresponding AS (or not)
6.11 What does identity mean in the context of IMS? Briefly describe the variants/types of identity defined and used in IMS and their application/need. Which components store a user's identity in IMS?
Public Identity (IMPU... IP Multimedia Public User Identity) → identity of a user that is required so that the user can be contacted (SIP URI, tel. no.): user contact (SIP URI, tel. no., ...), stored in the HSS
Private Identity (NOT publicly visible): IMS-internal identification (for IMS authentication and subscription); even the user does not know the private identity, it is stored on the smart card
Public Service Identity: corresponds to a public identity with a service instead of a subscriber; application server
6.12 What is a temporary identity in IMS needed for?
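A simplified model of how the S-CSCF applies the Initial Filter Criteria from 6.10, as an added example that is not part of the original notes: the IFCs in a user's profile are walked in priority order, each trigger point is a conjunction of groups of service point triggers (method, Request-URI, SIP header, session case, session description), and a match forwards the request to the named AS; the default-handling flag decides whether an unreachable AS ends the session or is skipped. The field layout follows the shape of 3GPP TS 29.228 but is simplified; the AS names, profile and sample requests are constructed.

```python
"""Simplified S-CSCF evaluation of Initial Filter Criteria (IFC).
Added example, not from the notes; profile and requests are constructed."""
import re

SESSION_CONTINUED, SESSION_TERMINATED = 0, 1     # DefaultHandling values


def spt_matches(spt, request):
    """Evaluate one Service Point Trigger. request: dict with 'method',
    'request_uri', 'headers' (lower-case name -> value), 'session_case'
    ('originating'/'terminating') and 'sdp' (body text, may be empty)."""
    kind = spt["type"]
    if kind == "Method":
        hit = request["method"] == spt["value"]
    elif kind == "RequestURI":
        hit = re.search(spt["value"], request["request_uri"]) is not None
    elif kind == "SIPHeader":
        value = request["headers"].get(spt["header"].lower())
        hit = value is not None and (
            "content" not in spt or re.search(spt["content"], value) is not None)
    elif kind == "SessionCase":
        hit = request["session_case"] == spt["value"]
    elif kind == "SessionDescription":
        hit = re.search(spt["value"], request.get("sdp", ""), re.M) is not None
    else:
        raise ValueError(f"unknown SPT type {kind!r}")
    return hit != spt.get("negated", False)      # ConditionNegated flips the result


def trigger_matches(trigger, request):
    """Trigger point in conjunctive normal form: AND over groups, OR inside a group."""
    return all(any(spt_matches(spt, request) for spt in group) for group in trigger)


def evaluate_ifcs(ifcs, request, reachable_as):
    """Walk the IFCs in ascending priority and forward to each matching AS in turn.
    reachable_as: names of application servers that answer. An unreachable AS
    with DefaultHandling SESSION_TERMINATED aborts the session; with
    SESSION_CONTINUED it is skipped and evaluation goes on.
    Returns (list of AS names the request was chained through, outcome)."""
    chain = []
    for ifc in sorted(ifcs, key=lambda f: f["priority"]):
        if not trigger_matches(ifc["trigger"], request):
            continue
        if ifc["as"] in reachable_as:
            chain.append(ifc["as"])
        elif ifc["default_handling"] == SESSION_TERMINATED:
            return chain, "terminated"
    return chain, "continued"


# Constructed user profile as the S-CSCF would receive it from the HSS.
CONSTRUCTED_IFCS = [
    {"priority": 20, "as": "sip:presence-as.example.net",
     "default_handling": SESSION_CONTINUED,
     "trigger": [[{"type": "Method", "value": "PUBLISH"}],
                 [{"type": "SIPHeader", "header": "Event", "content": r"^presence$"}]]},
    {"priority": 10, "as": "sip:telephony-as.example.net",
     "default_handling": SESSION_TERMINATED,
     "trigger": [[{"type": "Method", "value": "INVITE"}],
                 [{"type": "SessionCase", "value": "originating"}]]},
    {"priority": 30, "as": "sip:video-as.example.net",
     "default_handling": SESSION_CONTINUED,
     "trigger": [[{"type": "Method", "value": "INVITE"}],
                 [{"type": "SessionCase", "value": "terminating", "negated": True}],
                 [{"type": "SessionDescription", "value": r"^m=video"}]]},
]

ALL_AS = {ifc["as"] for ifc in CONSTRUCTED_IFCS}


def constructed_request(method, sdp="", event=None):
    """Build a constructed originating request for the examples."""
    headers = {"from": "<sip:alice@example.net>", "to": "<sip:bob@example.net>"}
    if event:
        headers["event"] = event
    return {"method": method, "request_uri": "sip:bob@example.net",
            "headers": headers, "session_case": "originating", "sdp": sdp}
```

Sorting by priority before matching is what makes the AS chain deterministic: the telephony AS (priority 10) always sees an originating INVITE before the video AS (priority 30), and a missing mandatory AS stops the call instead of silently bypassing a service the operator relies on for charging.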
It is planned to store all identities on the UICC (Universal Integrated Circuit Card = physical card (smart card)). Because of missing IMS support (SIM/USIM) there is a fallback scenario which generates temporary identities from the IMSI (International Mobile Subscriber Identity) and registers with them at the S-CSCF (the S-CSCF then fetches the profile from the HSS).
6.13 Name the components of IMS PCC and explain briefly the PCC architecture's functionality. Focus on separation of concerns.
PCC = Policy and Charging Control
Policy → decisions have to be taken regarding the control of QoS and charging prerequisites
Components of IMS PCC:
● AF: Application Function (P-CSCF, AS)
● SPR: Subscription Profile Repository
● PCRF: Policy and Charging Rules Function
● PCEF: Policy and Charging Enforcement Function
● OCS: Online Charging System
● OFCS: Offline Charging System
● P-CSCF: Proxy CSCF
● AS: Application Server
PCC architecture functionality:
● Application Function (AF) provides the PCRF with call-related information
  ○ AF can be, e.g., P-CSCF or Application Server
  ○ E.g., SDP information extracted from the SIP INVITE
● Policy and Charging Rules Function (PCRF) decides whether the call is acceptable
  ○ Receives user profile information from the Subscription Profile Repository (SPR)
    ■ Allowed QoS for a specific user profile (subscription)
  ○ PCRF merges requests against the profile
  ○ The decision is enforced using the PCEF
  ○ PCRF supports two modes of operation: push or pull
    ■ Decides which entity establishes the bearer
● Policy and Charging Enforcement Function (PCEF) enforces the decisions taken by the PCRF
  ○ PCEF example: GGSN
  ○ PCEF communicates with the online and offline charging systems (OCS, OFCS)
  ○ PCEF can close gates (terminate the call) if the user runs out of credit (OCS, Gy interface)
    ■ Real-time communication
  ○ Charging data is transferred to the OFCS (Gz interface) for later processing
● Proxy Call Session Control Function (P-CSCF)
  ○ The P-CSCF performs the authentication of the user.
  ○ The P-CSCF can exchange information about subscriber services and data rates with the PCRF and can also create charging information (charging records). Via the PCRF it is also possible to influence the properties of the connection (e.g. throttle data rates, set the subscriber's priority, etc.)
  ○ The P-CSCF forwards the received IMS service request
6.14 What are the two essential variants of IMS charging presented in the lecture? What's the difference? Which of the two systems is more demanding from a technical point of view (explain why)?
● Offline charging: collected after the session (e.g. with monthly billing) → payment afterwards (post-paid)
● Online charging: the charging system works in real time with the user account → payment in advance (pre-paid)
7 Part 7: H.323, WebRTC, Skype
7.1 Which standardization organization standardizes H.323? What is the purpose of H.323 and which are the related standards it references? Detail.
ITU = International Telecommunication Union
H.323 is an H standard, more precisely a protocol of the H.32x series, which also covers communication over public telephone networks and ISDN.
Strength: relatively early availability as a set of standards which define not only the basic call model but additionally the features that are needed to meet the expectations of business communication. H.323 was the first IP telephony standard that adopted the IETF standard RTP to transport audio and video over IP networks.
Based on the ISDN protocol Q.931, H.225, H.245, H.450, ...
What should H.323 provide:
● defined and standardised protocols and procedures for:
  ○ Call signaling
  ○ Call control
  ○ Media transport
  ○ Services
● → H.323 ensures multimedia interoperability in packet networks
7.2 Name the H.323-defined entities, sketch their hierarchy and detail on their purpose.
H.323 defines the following entities:
● Endpoints
  ○ Devices terminating a media stream
  ○ Terminals
  ○ Gateways
  ○ MCUs (Multipoint Conference Units)
  ○ Border Elements
● Gatekeeper
  ○ Optional component in an H.323 network - provides services for terminals, gateways and MCUs
  ○ The gatekeeper takes over gateway functions between the IP and the telephone network → i.e. adaptation of data streams, signalling, ...
  ○ Primary services (address translation, admission control, bandwidth control, zone management)
  ○ Other services (call control signalling, call authorization, call management, bandwidth management, AAA)
  ○ H.323 Zone
    ■ All endpoints (terminals, gateways, MCUs) managed and controlled by one gatekeeper
    ■ One and only one gatekeeper allowed per zone
    ■ Distinct physical devices can implement one gatekeeper.
    ■ Redundancy, backup: primary vs. alternate gatekeepers.
    ■ Communication between primary and alternate gatekeeper is out of scope of the recommendation
● Terminal - An endpoint on an IP network that supports real-time, two-way communication with another H.323 entity. A terminal supports voice coders/decoders (codecs) and setup and control signaling.
● Gateway - Provides the interface between a packet-based network (IP network) and a circuit-switched network (PSTN). A gateway translates communication procedures and formats between networks. It handles call setup and teardown and the compression and packetization of voice information.
● Multipoint Conference Unit (MCU)
  ○ Handles conferences of three or more participants
    ■ Modular structure
  ○ An MCU consists of:
    ● Multipoint Controller (MC) - Handles control and signaling for conferencing support.
    ● Multipoint Processor (MP) - Receives streams from endpoints, processes them, and returns them to the endpoints in the conference.
7.3 What is ASN.1? Detail on concepts of ASN.1, benefits and drawbacks of using ASN.1 when compared to plain-text protocols.
● ASN.1: "Abstract Syntax Notation One"
○ Standardized by ITU-T (X.680, X.681) and ISO
○ Interface specification language; unique mapping from syntax to binary representation
○ Syntax standardizes only the data format
○ No access methods and encapsulation like CORBA IDL
○ Machine-independent syntax
○ A description language for defining data structures, together with rules for converting data structures and elements into a network-uniform format
○ The standard serves the abstract description of data types without going into the machine-internal representation
Advantages:
● Standardized format
● Focus on syntax, machine-independent definition
● Easy to integrate ASN.1 interface changes
● Automatic or manual mapping of the ASN.1 definition to a programming language
○ A compiler creates the required parser for a specific programming language and machine
● Automated syntax testing → parsers automatically test ASN.1 data for correctness
● Compressed binary representation → saves network capacity
Drawbacks:
● Compilers are difficult to write → hand-written parsers/encoders
● Binary representation is not human readable
○ Binary stream must be decoded
○ Supported by Wireshark

7.4 Explain H.323 RAS. Which transport protocol does RAS use (explain)? Isolate some main differences when comparing the H.323 RAS procedure (call setup related) against SIP call establishment.
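For 7.3 above: as an added example that is not part of these notes, a minimal hand-written decoder for DER-encoded ASN.1 TLV (tag-length-value) data, limited to SEQUENCE, INTEGER and UTF8String, with a constructed sample message. It shows both why the binary stream has to be decoded before it is readable and the length checks a hand-written parser needs so that a bad length field cannot make it read past the buffer.

```python
# Added example: minimal hand-written DER (ASN.1 TLV) decoder for SEQUENCE/INTEGER/UTF8String.
TAG_INTEGER = 0x02          # ASN.1 universal tags as DER identifier octets
TAG_UTF8STRING = 0x0C
TAG_SEQUENCE = 0x30         # 0x10 with the constructed bit 0x20 set

class DerError(ValueError):
    pass

def _read_length(data, pos):
    """Decode the DER length octets at data[pos]; return (length, new_pos)."""
    if pos >= len(data):
        raise DerError("truncated length")
    first, pos = data[pos], pos + 1
    if first < 0x80:                          # short form: one octet
        return first, pos
    n = first & 0x7F                          # long form: n more length octets
    if n == 0 or n > 4 or pos + n > len(data):
        raise DerError("indefinite, oversized or truncated length")
    length = int.from_bytes(data[pos:pos + n], "big")
    if length < 0x80:                         # DER requires the shortest encoding
        raise DerError("non-minimal length encoding is not DER")
    return length, pos + n

def decode(data, pos=0):
    """Decode one TLV at data[pos]; return (value, position after it)."""
    if pos >= len(data):
        raise DerError("truncated tag")
    tag = data[pos]
    length, pos = _read_length(data, pos + 1)
    end = pos + length
    if end > len(data):                       # never trust the length field blindly
        raise DerError("length exceeds buffer")
    body = data[pos:end]
    if tag == TAG_SEQUENCE:                   # constructed: decode nested TLVs in order
        items, p = [], 0
        while p < len(body):
            item, p = decode(body, p)
            items.append(item)
        return items, end
    if tag == TAG_INTEGER:
        return int.from_bytes(body, "big", signed=True), end
    if tag == TAG_UTF8STRING:
        return body.decode("utf-8"), end
    raise DerError("unsupported tag 0x%02x" % tag)

def safe_decode(data):
    """Decode a whole message; None if it is malformed or has trailing bytes."""
    try:
        value, end = decode(data)
    except (DerError, UnicodeDecodeError):
        return None
    return value if end == len(data) else None

# Constructed sample: SEQUENCE { INTEGER 1, UTF8String "h323" }
SAMPLE = bytes.fromhex("3009" "020101" "0c04" "68333233")
```

Feeding `SAMPLE` to `safe_decode` yields `[1, "h323"]`, while a truncated copy, a non-minimal length or trailing bytes are rejected instead of being misread.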
● RAS: Registration, Admission, Status
● Standardizes communication between gatekeeper and endpoints or between gatekeepers
○ Message sequence
○ Message format
● The gatekeeper is an optional component, but RAS signaling is mandatory if a gatekeeper is present in the network
○ Use of the gatekeeper is conditionally mandatory
Protocol: uses UDP as transport protocol
Typical H.323 message sequence:
● RAS: gain network access and do address resolution
● Call signaling (H.225.0): establish the connection to the called party
● Call control (H.245): negotiate, establish and control media channels
RAS vs. SIP:
● RAS: multimedia communication | SIP: no multimedia communication (conferencing)
● RAS: scalable, designed to add new functionalities (i.e. VoIP) | SIP: interoperability issues
● RAS: direct call model (good for large networks) | SIP: uses a proxy, which can have issues in large networks

7.5 Explain H.235. What is the scope of H.235 and which aspects of VoIP communication does it cover (name and explain the three aspects)?
Provide security for all communications occurring as a result of H.3xx protocol usage.
The scope of H.235 is to provide
● Authentication
● Privacy
● Integrity
VoIP:
● Call establishment security
● Call control security
● Media security

7.6 Explain the purpose of H.245, its architectural concepts, and name its main control functions. Which optimizations exist for H.245? Why?
H.245 is used to signal encryption algorithms and encryption keys. Shared, private media channels. It signals that the H.245 channel must be operated in a particular secured manner before it is initiated. Participating endpoints should utilize an encrypted H.245 channel:
● Protects cryptographic algorithm selection and encryption keys as passed in the H.245 OpenLogicalChannel command
● The H.245 secure channel may be operated with characteristics different from those in the private media channel(s)

7.7 What is WebRTC and who standardizes it? Name the main functions and features of WebRTC.
What is new in the standardization of WebRTC (focus: contributions to the Internet community)?
Web Real-time Communications: WebRTC
● Enables real-time communications for web browsers
● Standardized by the W3C consortium and the IETF
○ W3C: focus on the API
○ IETF: focus on codecs and protocols (draft status: https://tools.ietf.org/wg/rtcweb/)
● Open framework
● Includes fundamental building blocks for high quality communications on the web
○ Network, audio, video
○ Support for voice and video chat applications
● Includes key NAT and firewall traversal technology
● Implementations: Mozilla, Opera, Google Chrome
● Draft version; the latest version can be found on the IETF page

7.8 Explain the Skype architecture (components, topology, addressing, ...). Which mechanisms help Skype to bypass enterprise firewalls and NATs?
Components:
● Skype Clients (SC): peers connect directly to each other for a VoIP call
● Skype Super Nodes (SN): Skype peers with special functions
● Overlay networking among super nodes to locate Skype clients
● Skype Login Server
Topology:
● Join: the SC joins the Skype network by contacting an SN (IP address cached) using TCP
● Login: the SC logs in with <username, password> to the centralized Skype Login Server
● Address resolution: obtain the callee's IP address from the SN, the SN overlay or the client's buddy list
● Call: initiate the call directly to the callee
Skype clients behind NAT cannot be contacted from outside the NAT
● Solution: persistent TCP for bi-directional transfer
● Clients maintain TCP connections to SNs
● SNs relay traffic

8 Part 8: Measurements and Time

8.1 List and discuss the goals of measurements. Focus on the differentiation (and reference the technical terms) of what and how is to be measured. Which IETF standard builds the basis for IP-based measurements?
• Measurement goals
–Quality, performance, and/or reliability
–Determine the value of specific parameters
–For a specific setup
–In a repeatable way
• Clear separation required between:
–What do we want to measure (metrics)?
–How do we measure (methodology)?
IP Performance Metrics (IPPM)

8.2 What is a metric as defined by the IP Performance Metrics Framework (definition or in own words, mentioning the definition's key words)? Give at least four examples of metrics that have been defined so far by the IETF.
• IPPM metric definition:
–"In the operational Internet, there are several quantities related to the performance and reliability of the Internet that we'd like to know the value of. When such a quantity is carefully specified, we term the quantity a metric" (RFC 2330, section 6).
• The quantity must be carefully defined
–Ambiguity not allowed
–Metrics defined in terms of standard units of measurement (metric system)
• Examples
–One-way Delay (RFC 2679), One-way Loss (RFC 2680), Bulk Transfer Capacity (RFC 3148)

8.3 List the three classes of metrics that the IP Performance Metrics Framework defines with respect to the sampling procedure. Discuss the difference and their dependence, and give at least one example for any class.
• Singleton metric
–Atomic metric
–Example: one-way delay (owd), "Bulk Throughput Capacity of a link over a one hour interval"
• Sample metric
–Metric derived from the singleton metric
–Collects several samples over a specific interval
–Example: sequence of pairs <ti, owdi>: "one-way delay with Poisson sampling, mean spacing 1 s, over a one hour interval"
• Statistical metric
–Computed from the sample metric
–Example: mean owd value of the sample metric

8.4 List the two categories of metrics that the IP Performance Metrics framework defines with respect to the level of abstraction. Detail on the reasons for this separation and give at least one example for any category.
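For 8.3 above: an added example (not from the notes) that works the three metric classes through in Python for one-way delay: singleton (one packet), sample (Poisson sampling with exponentially distributed spacing, mean 1 s, over one hour) and statistical (mean, median and loss fraction of the sample). The path delays and losses are constructed values, not measurements.

```python
# Added example: the three IPPM metric classes (singleton, sample, statistical) for one-way delay.
import random
import statistics

INF = float("inf")

def singleton_owd(send_time, recv_time):
    """Singleton metric: one-way delay of one packet, in seconds.
    A packet that never arrives is reported as infinite delay (RFC 2679 convention)."""
    return INF if recv_time is None else recv_time - send_time

def poisson_send_times(duration, mean_spacing, rng):
    """Poisson sampling: send instants with exponentially distributed spacing."""
    times, t = [], 0.0
    while True:
        t += rng.expovariate(1.0 / mean_spacing)
        if t >= duration:
            return times
        times.append(t)

def sample_owd(send_times, recv_time_of):
    """Sample metric: the sequence of <t_i, owd_i> pairs over the interval.
    recv_time_of(t) returns the receive time of the packet sent at t, or None if lost."""
    return [(t, singleton_owd(t, recv_time_of(t))) for t in send_times]

def statistical_owd(sample):
    """Statistical metrics computed from the sample: mean and median of the
    finite delays plus the fraction of lost (infinite) singletons."""
    finite = [owd for _, owd in sample if owd != INF]
    if not finite:
        return {"mean": INF, "median": INF, "loss": 1.0}
    return {"mean": statistics.fmean(finite), "median": statistics.median(finite),
            "loss": 1.0 - len(finite) / len(sample)}

def constructed_path(rng, base=0.020, jitter=0.005, loss_prob=0.02):
    """Constructed stand-in for a real path: base delay plus uniform jitter, random loss."""
    def recv_time_of(t):
        if rng.random() < loss_prob:
            return None
        return t + base + rng.uniform(0.0, jitter)
    return recv_time_of

def run(seed=1, duration=3600.0, mean_spacing=1.0):
    """One hour of one-way delay with Poisson sampling, mean spacing 1 s (as in 8.3)."""
    rng = random.Random(seed)
    sends = poisson_send_times(duration, mean_spacing, rng)
    sample = sample_owd(sends, constructed_path(rng))
    return statistical_owd(sample), len(sample)
```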
• Analytical metrics
–Preferred, rely on an analytical (theoretic) model
–Always include simplifying assumptions: modeling the essence of components
–Example: propagation time of a link: "The time, in seconds, required by a single bit to travel from the output port on one Internet host across a single link to another Internet host"
• Empirical metrics
–Required properties:
• Clear definition in terms of components
• Basic understanding of the metric in terms of the analytical framework
• At least one effective means to measure
–Adequate solution if the analytical model becomes too complex
–Example: flow capacity achievable with a TCP Reno implementation on a specific path

8.5 List and characterize briefly the three main measurement methodologies supported by the IP Performance Metrics Framework and its updating documents. Which other methodologies does the IPPM mention?
–Active measurements
–Passive measurements
–Hybrid measurements

8.6 Explain the difference between active measurement methods, passive measurement methods, and hybrid measurement methods (of type 1 and type 2).
Active measurements: direct measurement using injected test traffic
Passive measurements: observe existing traffic at well-defined points of observation in the network
Hybrid 1: modify (IP) flags in intermediate nodes
Hybrid 2: create artificial load on intermediate subpaths

8.7 Explain the need for the following IP Performance Metrics concepts: Packet of Type-P* and standard-formed packet.
Requirement: the methodology must be repeatable
• Packet of Type-P*
–Metrics must avoid any uncertainty factors
–Dangerous: implicit assumptions
• Standard-formed packets
–Correct length, correct IP header, not fragmented
–Source and destination hosts match

8.8 Define and explain the terms "clock resolution", "clock offset", "clock skew", "clock drift", "accurate clock"?
● Clock resolution
–Smallest unit of clock update
–Clock reading error!
● Clock offset
–Deviation from true time (UTC)
● Accurate clock
–Zero clock offset to UTC
–"In sync" with true time
● Clock skew
–Frequency difference between the clock and true time
–"Fast" vs. "slow" clocks
● Clock drift
–Variation in clock skew
–Typical example: the frequency of a quartz oscillator changes because of variations in ambient temperature

8.9 Which are the clock properties that limit measurement precision in round-trip delay measurements (mention at least two!)? Which are the clock properties that determine measurement precision in one-way delay measurements?
RTT: clock skew
One-way: clock offset between the computers

8.10 List and discuss benefits and drawbacks of the two main time synchronization variants.
Network time synchronization
● Benefits: uses the existing network infrastructure
● Drawbacks: complex algorithms, depends on the network topology, one client needs to be synced to UTC
Hardware time synchronization
● Benefits: high accuracy, simple algorithm
● Drawbacks: hardware needed, cost

8.11 Which is the primary goal of NTP? How does the implementation achieve this goal?

8.12 Which main network characteristic is a pre-requisite for correct NTP function?
Symmetric connection.

8.13 Compare scope, applicability, benefits and drawbacks of PTP against the ones of NTP.
PTP: higher precision, more complex algorithm, relative time within the network, master/slave architecture
NTP: precision up to 1 ms, sync to UTC, security problems

8.14 Define the PTP-defined terms ordinary clock, boundary clock, master clock, grandmaster clock, PTP domain.
● Ordinary clocks
–Devices with one single PTP network connection
● Boundary clocks
–Have more than one PTP port (network connection)
–Connect PTP domains, relay time information
● PTP domain
–Logical grouping of several PTP clocks
● Master clock
–Primary source of time within a PTP domain
–Synchronize to other master clocks (located in other PTP domains)
● Grandmaster clock
–Highly accurate clock, selected as the ultimate time reference for the connected PTP domains
–All master clocks in these domains ultimately synchronize to the grandmaster clock

8.15 List and discuss the requirements that PTP has with respect to the network and the resulting consequences.

8.16 Explain the basic PTP synchronization sequence using a sequence diagram. Label and explain the message types for this basic PTP sequence.

8.17 Discuss PTP security: standardization status, available (and missing) functionality, challenges and threats.

9 Part 9: Network Simulation
Problem with simulation: the model needs to be verified. If the model is not correct, the results are useless.

9.1 What is a system (definition)? Which factors define the complexity of a system?
Elements like nodes and connections make up a system; the type and number of elements and connections define its complexity.

9.2 List the techniques that can be used for system performance evaluation. Discuss their benefits and drawbacks with focus on level of abstraction, applicability and pre-requisites of these techniques. Give examples.
Methods for performance evaluation of a system:
–Analytical modeling
–Simulation
–Emulation
–Measurements

9.3 What is a model? What is the main challenge in defining the model? What is the main pitfall in re-using someone else's implementation for own simulations?

9.4 Which two main categories of computer simulations exist? Why? Briefly explain the basic concepts and give examples.
● Continuous event simulation
● Discrete event simulation

9.5 Define the following terms: entity, system, system state, modelling. Give examples.
● Entity
–Abstraction of a subject of interest
● System
–Set of entities together with their relationships
● System state
–A set of variables (parameters) and their values that describe the state of a specific system
● Modeling
–The process of identifying and abstracting the entities and relationships of a specific system for a specific goal or task

9.6 When does a discrete event simulation stop?
● After the maximum total simulation time
● After a certain event of interest
● Steady-state simulation: the system has reached steady state, so the simulation can stop

9.7 Which are the characteristics of a good performance model? Explain briefly.
● Simplicity
○ The model should be as simple as possible
○ Minimum feature set conforming to the goal
○ Pitfall: simulation module reuse. The model and goals of the initial implementation might differ from your own goals: check the original goal!
● Credibility
○ A performance model is credible if it is validated
○ Trust in a specific model (e.g. a widely used model, accepted by the research community)
● Documentation
○ Result of the performance model
○ What the model is good for: abstraction (goals)
○ What the main limitations of this model are (no-goals)

9.8 Explain the difference between model validation and model verification.
Validation compares the model against the real world; verification checks against the simulation output.

9.9 Discuss the characteristics of a good simulation model
● Efficient
● Verified
● Code quality
● Availability

9.10 Describe the modelling process steps to obtain a good simulation model

9.11 Briefly describe the main characteristics of NS-3 (focus, supported simulation model, programming languages), and the entities it supports as part of the system modelling process.
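For 9.4 and 9.6: an added example, not from the notes, of a minimal discrete event simulator whose event list is popped in time order, driving a constructed M/M/1 queue, with the three stop conditions named in 9.6 implemented as interchangeable predicates. The arrival rate (1.0/s), service rate (1.25/s) and the "overflow" threshold of 10 are constructed values.

```python
# Added example: minimal discrete event simulator with the three stop conditions from 9.6.
import heapq
import random

class DES:
    """Time-ordered event list driving a constructed M/M/1 queue (arrivals 1.0/s, service 1.25/s)."""
    def __init__(self, seed=0):
        self.now, self.seq, self.queue = 0.0, 0, []    # queue entries: (time, seq, name)
        self.rng = random.Random(seed)
        self.in_system, self.area, self.last_t = 0, 0.0, 0.0   # occupancy bookkeeping
        self.schedule(self.rng.expovariate(1.0), "arrival")
    def schedule(self, delay, name):
        self.seq += 1                                  # seq makes equal-time order deterministic
        heapq.heappush(self.queue, (self.now + delay, self.seq, name))
    def run(self, stop):
        """Pop events in time order until stop(sim, event_name) returns True."""
        while self.queue:
            self.now, _, name = heapq.heappop(self.queue)
            self.handle(name)
            if stop(self, name):
                return name
        return "queue empty"
    def handle(self, name):
        self.area += self.in_system * (self.now - self.last_t)   # time-weighted occupancy
        self.last_t = self.now
        if name == "arrival":
            self.in_system += 1
            self.schedule(self.rng.expovariate(1.0), "arrival")
            if self.in_system == 1:
                self.schedule(self.rng.expovariate(1.25), "departure")
            if self.in_system >= 10:
                self.schedule(0.0, "overflow")         # the 'event of interest'
        elif name == "departure":
            self.in_system -= 1
            if self.in_system > 0:
                self.schedule(self.rng.expovariate(1.25), "departure")
    def mean_in_system(self):
        return self.area / self.now if self.now > 0 else 0.0

def stop_after_time(t_max):                            # 1: maximum total simulation time
    return lambda sim, name: sim.now >= t_max

def stop_on_event(event_name):                         # 2: after a certain event of interest
    return lambda sim, name: name == event_name

def stop_at_steady_state(window, tol):                 # 3: steady state reached
    """Stop when the running mean occupancy moves less than tol between checkpoints 'window' s apart."""
    state = {"next": window, "prev": None}
    def stop(sim, name):
        if sim.now < state["next"]:
            return False
        state["next"] += window
        prev, state["prev"] = state["prev"], sim.mean_in_system()
        return prev is not None and abs(state["prev"] - prev) < tol
    return stop
```

With the same seed, `DES(1).run(stop_after_time(100.0))` ends at the first event past 100 s, `run(stop_on_event("overflow"))` ends when the queue first holds 10 customers, and the steady-state predicate keeps running until the time-averaged occupancy settles (about 4 for this load).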