Slide 1

Slide 1 text

How The Internet Works: The Life and Times of an HTTP Request. Noah Kantrowitz, Open Source Bridge 2015

Slide 2

Slide 2 text

It's not a big truck. It's a series of tubes. Ted Stevens

Slide 3

Slide 3 text

We never, ever in the history of mankind have had access to so much information so quickly and so easily. Vint Cerf

Slide 4

Slide 4 text

No content

Slide 5

Slide 5 text

https://www.google.com/

Slide 7

Slide 7 text

DNS

Slide 8

Slide 8 text

DNS • Map names to IP addresses. • gethostbyname() • RFC 1034 & 1035. • "What is the A for www.google.com?"

Slide 9

Slide 9 text

DNS Header (field widths in bits) • ID (16) • QR (1) • Opcode (4) • AA (1) • TC (1) • RD (1) • RA (1) • Z (3) • RCODE (4) • QDCOUNT (16) • ANCOUNT (16) • NSCOUNT (16) • ARCOUNT (16)

Slide 14

Slide 14 text

DNS Question QNAME QTYPE QCLASS

Slide 18

Slide 18 text

DNS Message 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 0 1 1 1 0 1 1 1 0 1 1 1 0 1 1 1 0 1 1 1 0 1 1 1 0 0 0 0 0 1 1 0 0 1 1 0 0 1 1 1 0 1 1 0 1 1 1 1 0 1 1 0 1 1 1 1 0 1 1 0 0 1 1 1 0 1 1 0 1 1 0 0 0 1 1 0 0 1 0 1 0 0 0 0 0 0 1 1 0 1 1 0 0 0 1 1 0 1 1 0 1 1 1 1 0 1 1 0 1 1 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1

Slide 21

Slide 21 text

DNS Message 0001010000010000 0000000003777777 06676F6F676C6503 636F6D0000010001
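Decoding the 32 bytes on this slide against the header and question layouts from the earlier slides shows the question "What is the A for www.google.com?" on the wire. The parser below is an added example, not code from the talk; its function names are made up for illustration, and rejecting compression pointers in the question is a simplifying assumption.

```python
import struct

# Hex from the "DNS Message" slide (32 bytes: 12-byte header + one question).
SLIDE_QUERY = bytes.fromhex(
    "0001010000010000" "0000000003777777" "06676F6F676C6503" "636F6D0000010001"
)

# Display names for a few RFC 1035 type/class codes (AAAA is from RFC 3596).
QTYPES = {1: "A", 2: "NS", 5: "CNAME", 15: "MX", 16: "TXT", 28: "AAAA"}
QCLASSES = {1: "IN"}


class DNSParseError(ValueError):
    """Raised when a message is truncated or structurally invalid."""


def parse_header(msg):
    """Split the fixed 12-byte header into the fields shown on the header slide."""
    if len(msg) < 12:
        raise DNSParseError("message shorter than the 12-byte header")
    ident, flags, qd, an, ns, ar = struct.unpack("!6H", msg[:12])
    return {
        "id": ident,
        "qr": flags >> 15,             # 0 = query, 1 = response
        "opcode": (flags >> 11) & 0xF,
        "aa": (flags >> 10) & 1,
        "tc": (flags >> 9) & 1,
        "rd": (flags >> 8) & 1,        # recursion desired
        "ra": (flags >> 7) & 1,
        "z": (flags >> 4) & 0x7,
        "rcode": flags & 0xF,
        "qdcount": qd, "ancount": an, "nscount": ns, "arcount": ar,
    }


def parse_qname(msg, offset):
    """Read length-prefixed labels until the zero-length root label."""
    labels, total = [], 0
    while True:
        if offset >= len(msg):
            raise DNSParseError("QNAME runs past end of message")
        length = msg[offset]
        offset += 1
        if length == 0:
            break
        if length & 0xC0:
            # Top bits set means a compression pointer or reserved label type.
            # Assumption for this example: a plain query never needs one here.
            raise DNSParseError("pointer or reserved label type in question")
        if offset + length > len(msg):
            raise DNSParseError("label runs past end of message")
        total += 1 + length
        if total + 1 > 255:
            raise DNSParseError("name longer than 255 octets")
        labels.append(msg[offset:offset + length].decode("ascii", "backslashreplace"))
        offset += length
    return ".".join(labels) + ".", offset


def parse_query(msg):
    """Return (header, questions, trailing_byte_count) for a DNS query."""
    header = parse_header(msg)
    offset, questions = 12, []
    for _ in range(header["qdcount"]):
        name, offset = parse_qname(msg, offset)
        if offset + 4 > len(msg):
            raise DNSParseError("question truncated before QTYPE/QCLASS")
        qtype, qclass = struct.unpack("!2H", msg[offset:offset + 4])
        offset += 4
        questions.append(
            (name, QTYPES.get(qtype, str(qtype)), QCLASSES.get(qclass, str(qclass)))
        )
    return header, questions, len(msg) - offset


if __name__ == "__main__":
    hdr, qs, extra = parse_query(SLIDE_QUERY)
    print(hdr)
    print(qs, "trailing bytes:", extra)
```

Every length check matters on the receiving side: the label lengths and QDCOUNT come from the sender, so a parser that trusts them reads past the end of the packet.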

Slide 22

Slide 22 text

No content

Slide 23

Slide 23 text

IP and UDP

Slide 24

Slide 24 text

IP and UDP • Address and port. • 208.201.224.11:53 • Wrapped in order. • DNS inside UDP inside IP. • RFC 791 & 768.

Slide 25

Slide 25 text

UDP Header • Source Port • Destination Port • Length • Checksum • Data

Slide 27

Slide 27 text

IP Header (field widths in bits) • Version (4) • IHL (4) • Type of Service (8) • Total Length (16) • Identification (16) • Flags (3) • Fragment Offset (13) • Time to Live (8) • Protocol (8) • Header Checksum (16) • Source Address (32) • Destination Address (32) • Options • Padding

Slide 32

Slide 32 text

IP Packet IP Header UDP Header DNS Packet

Slide 33

Slide 33 text

Local Network

Slide 34

Slide 34 text

Local Network • Computer • Switch • Router • Modem

Slide 35

Slide 35 text

No content

Slide 36

Slide 36 text

No content

Slide 37

Slide 37 text

208.201.224.11

Destination      Gateway      Interface
127.0.0.0/8      *            lo
192.168.1.0/24   *            eth0
default          192.168.1.1  eth0

Slide 41

Slide 41 text

Ethernet • Wire framing. • MAC address. • Segments. • IEEE 802.3

Slide 42

Slide 42 text

Segments • Electrical broadcast. • Thicknet. • 10BASE-T and hubs. • Switches.

Slide 43

Slide 43 text

Ethernet Frame (field widths in bytes) • Preamble (7) • SFD (1) • Destination Address (6) • Source Address (6) • Type (2) • Data and padding • FCS (4)

Slide 47

Slide 47 text

1000BASE-T • Electrical signaling. • IEEE 802.3ab

Slide 48

Slide 48 text

Ethernet Frame (field widths in bytes) • Preamble (7) • SFD (1) • Destination Address (6) • Source Address (6) • Type (2) • Data and padding • FCS (4)

Slide 49

Slide 49 text

ARP

Slide 50

Slide 50 text

ARP • Bridge between IP and Ethernet. • NDP for IPv6. • "Who has IP address 1.2.3.4?" • In an Ethernet frame. • Broadcast FF:FF:FF:FF:FF:FF.

Slide 51

Slide 51 text

ARP Packet • HTYPE • PTYPE • HLEN • PLEN • OPER • SHA • SPA • THA • TPA

Slide 54

Slide 54 text

Slide 55

Slide 55 text

Sending • Ethernet – 40:4A:3:ED:D2:1C • IP – 208.201.224.11 • UDP – 53 • DNS – www.google.com A

Slide 56

Slide 56 text

Local Router

Slide 57

Slide 57 text

Local Router • Static routing (again). • NAT.

Slide 58

Slide 58 text

Route Table

Destination      Gateway       Interface
127.0.0.0/8      *             lo
192.168.1.0/24   *             eth0
173.228.34.0/24  *             eth1
default          173.228.34.1  eth1

Slide 59

Slide 59 text

208.201.224.11

Destination      Gateway       Interface
127.0.0.0/8      *             lo
192.168.1.0/24   *             eth0
173.228.34.0/24  *             eth1
default          173.228.34.1  eth1
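The lookup these route-table slides step through, for both the computer's table and the local router's table, is a longest-prefix match. The sketch below is an added example, not code from the talk; the function names are made up for illustration, and it assumes "*" in the Gateway column means the destination is directly reachable on that interface.

```python
import ipaddress

# Tables copied from the slides: (destination, gateway, interface).
HOST_TABLE = [
    ("127.0.0.0/8", "*", "lo"),
    ("192.168.1.0/24", "*", "eth0"),
    ("default", "192.168.1.1", "eth0"),
]
ROUTER_TABLE = [
    ("127.0.0.0/8", "*", "lo"),
    ("192.168.1.0/24", "*", "eth0"),
    ("173.228.34.0/24", "*", "eth1"),
    ("default", "173.228.34.1", "eth1"),
]


def lookup(table, destination):
    """Pick the most specific matching route and say who to hand the packet to."""
    dst = ipaddress.ip_address(destination)
    best = None
    for prefix, gateway, iface in table:
        # "default" is the zero-length prefix that matches everything.
        net = ipaddress.ip_network("0.0.0.0/0" if prefix == "default" else prefix)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gateway, iface)
    if best is None:
        raise LookupError("no route to " + destination)
    net, gateway, iface = best
    on_link = gateway == "*"
    return {
        "matched": str(net),
        # On-link: deliver straight to the destination. Otherwise hand the
        # packet to the gateway, which is the address ARP is asked about.
        "next_hop": str(dst) if on_link else gateway,
        "interface": iface,
        "on_link": on_link,
    }


def trace(destination):
    """Next-hop decision at the computer, then at the local router."""
    hops = (("computer", HOST_TABLE), ("local router", ROUTER_TABLE))
    return [(name, lookup(table, destination)) for name, table in hops]


if __name__ == "__main__":
    for name, route in trace("208.201.224.11"):
        print(name, route)
```

The IP destination stays 208.201.224.11 at every hop; only the Ethernet destination changes, to whichever next hop the lookup returned.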

Slide 63

Slide 63 text

NAT • Rewrite IP and UDP header. • Source address and port. • Share one public address.

Slide 64

Slide 64 text

Sending, Round Two • ARP lookup (or cached). • Ethernet frame. • Send to ISP border router.

Slide 65

Slide 65 text

The Internet

Slide 66

Slide 66 text

A Mesh of Trees • Tree-like at the edges. • Partial mesh in middle. • ~Full mesh in the core.

Slide 67

Slide 67 text

Next Hops • Regional routers. • ISP backbone.

Slide 68

Slide 68 text

No content

Slide 69

Slide 69 text

BGP

Slide 70

Slide 70 text

Routing Protocol • Distribute routes. • Update over time. • Find optimal paths.

Slide 71

Slide 71 text

BGP • Gossip based. • Prefix based. • Share best routes. • RFC 4271.

Slide 73

Slide 73 text

Autonomous Systems • 1 to 2^32 (née 2^16) • ~51000 so far. • AS7065

Slide 74

Slide 74 text

IANA • ICANN department • Internet Assigned Numbers Authority • 5 Regional Internet Registries • AfriNIC, ARIN, APNIC • LACNIC, RIPE NCC

Slide 75

Slide 75 text

BGP Algorithm • 1. Weight • 2. Local Pref • 3. AS Path • 4. Origin • 5. MED • 6. Metric • 7. First • 8. Tie Breaker

Slide 84

Slide 84 text

Security • BGP Hijacking • Ingress Filtering • Rarely used signatures

Slide 85

Slide 85 text

Backbone Router • AS46375 to AS7065

Slide 86

Slide 86 text

DNS Server

Slide 87

Slide 87 text

Receiving • Decode and match IP. • Decode UDP port. • Deliver to process.

Slide 88

Slide 88 text

DNS Server • Decode question. • Check local cache. • Recursion?

Slide 89

Slide 89 text

DNS Recursion

Slide 90

Slide 90 text

Root Servers • 13 DNS servers. • Fixed IP addresses. • Maps TLDs to DNS servers. • [a-m].root-servers.net

Slide 91

Slide 91 text

Recursion Round 1 • DNS query to 198.41.0.4 • com. IN NS a.gtld-servers.net • com. IN NS b.gtld-servers.net. • a.gtld-servers.net. IN A 192.5.6.30 • b.gtld-servers.net. IN A 192.33.14.30

Slide 92

Slide 92 text

Recursion Round 2 • DNS query to 192.5.6.30 • google.com. IN NS ns1.google.com. • google.com. IN NS ns2.google.com. • ns1.google.com. IN A 216.239.32.10 • ns2.google.com. IN A 216.239.34.10

Slide 93

Slide 93 text

Recursion Round 3 • DNS query to 216.239.32.10 • www.google.com. IN A 216.58.192.36

Slide 94

Slide 94 text

DNS Reply • DNS message. • Headers & answer section. • Sent back over the wires. • Un-NAT.

Slide 95

Slide 95 text

TCP

Slide 96

Slide 96 text

TCP • Reliable ACKs. • Three-way handshake. • Congestion control. • RFC 675, 793, ...

Slide 97

Slide 97 text

TCP Headers • Source Port • Destination Port • Sequence Number • Acknowledgement Number • Data Offset • Reserved • Flags: URG, ACK, PSH, RST, SYN, FIN • Window • Checksum • Urgent Pointer • Options • Padding

Slide 102

Slide 102 text

Three Way Handshake • SYN • SYN-ACK • ACK

Slide 103

Slide 103 text

Acknowledgements • Send 1 ... 10. • ACK 10. • Send 11 ... 20. • ACK 15. • Send 15 ... 24.

Slide 104

Slide 104 text

Extras • Slow-start • Avoidance • Fast resend • Karn's • Nagle's • SACK • Scaling • CUBIC

Slide 105

Slide 105 text

TLS

Slide 106

Slide 106 text

TLS (aka SSL) • Stream encryption. • Mutual authentication. • RFC 5246.

Slide 107

Slide 107 text

Crypto

Slide 108

Slide 108 text

TLS Handshake • ClientHello • ServerHello • ChangeCipherSpec • Finished

Slide 109

Slide 109 text

Client Round 1 • ClientHello

Slide 110

Slide 110 text

Server Round 1 • ServerHello • Certificate • ServerKeyExchange • ServerHelloDone

Slide 111

Slide 111 text

Client Round 2 • ClientKeyExchange • ChangeCipherSpec • Finished

Slide 112

Slide 112 text

Server Round 2 • ChangeCipherSpec • Finished

Slide 113

Slide 113 text

Application Data • Data wrapper. • Transparent.

Slide 114

Slide 114 text

HTTP

Slide 115

Slide 115 text

HTTP • Request and response. • Verbs, paths, codes. • RFC 2616.

Slide 116

Slide 116 text

HTTP Request • GET / HTTP/1.1 • Host: www.google.com

Slide 117

Slide 117 text

Sending • TLS • TCP • IP • Ethernet

Slide 118

Slide 118 text

HTTP Response • HTTP/1.1 200 OK • Content-Length: 17914 • \r\n •

Slide 119

Slide 119 text

No content

Slide 120

Slide 120 text

Slide 121

Slide 121 text

How does the Internet work?

Slide 122

Slide 122 text

Surprisingly well!

Slide 123

Slide 123 text

Questions? @kantrn coderanger.net