Chapter 1: Introduction to Computer Networks and the Internet

The Internet: a “nuts and bolts” view

  • The Internet is a “network of networks” connecting many networks owned by different organizations (ISPs, content providers, enterprises) so that any two hosts can send packets to each other.
  • Key components and terms:
    • Packet switches: forward packets using routers and switches.
    • Communication links: fiber, copper, radio, satellite with varying transmission rates (bandwidth).
    • Billions of connected devices: hosts (end systems) run network applications at the Internet’s edge.
    • Networks: collections of devices, routers, and links managed by an organization.
  • Examples of Internet-connected devices (illustrative): Web-enabled toaster, weather forecaster, IP cameras, Internet refrigerators, Tweet-a-watt, gaming devices, cars, AR devices, wearables, etc.
  • The Internet’s dual view:
    • Nuts-and-bolts view: how the pieces connect and operate physically and at the packet level.
    • Services view: what applications rely on (Web, streaming video, email, etc.).
  • Important: protocols are everywhere; they control the sending/receiving of messages (e.g., HTTP, TCP, IP, WiFi, 4G/5G, Ethernet).
  • RFCs and IETF: standards for Internet protocols (RFC: Request for Comments; IETF: Internet Engineering Task Force).

What’s a protocol?

  • Human protocols vs network protocols:
    • Human protocol example: asking for the time, requesting to be introduced.
    • Computer network protocol: governs messages between computers, not humans.
  • A protocol defines:
    • The format of messages sent and received.
    • The order of messages sent and received among network entities.
    • The actions taken on message transmission or receipt (or on other events).
  • Protocols cover various message types and actions, enabling reliable, ordered communication across the Internet.

What’s a protocol? (illustrative contrasts)

  • Human protocol example sequence:
    • Hi, Hi, Got the time? 2:00 time
  • Computer network protocol sequence example:
    • TCP connection request, GET http://gaia.cs.umass.edu/kurose_ross, , etc.
  • These illustrate the idea of a protocol as a contract governing message formats, exchanges, and actions.

Chapter 1: roadmap (overview of topics)

  • Core questions:
    • What is the Internet?
    • What is a protocol?
    • Network edge: hosts, access network, physical media
    • Network core: packet/circuit switching, Internet structure
    • Performance: loss, delay, throughput
    • Security
    • Protocol layers, service models
    • History

A closer look at Internet structure: network edge and access media

  • Network edge consists of hosts (clients and servers) and servers often located in data centers.
  • Access networks and physical media provide the last hop from edge hosts to the core network. These include wired and wireless technologies.
  • Examples of access technologies include cable, DSL, WiFi, Ethernet, cellular (4G/5G), and data-center networks.
  • The core consists of interconnected routers forming a network of networks.
  • The Internet provides services (Web, streaming, conferencing, email, etc.) by exposing programming interfaces to distributed applications.
  • Service models and layers enable applications to use transport and network services without needing to manage the underlying details.

Access networks and physical media (detailed)

  • Cable-based access (HFC):
    • Cable modem, splitter, cable headend, CMTS.
    • Frequency division multiplexing (FDM): multiple channels on different frequency bands.
    • Asymmetric downstream/upstream: downstream up to about 40 ext{ Mbps} - 1.2 ext{ Gbps}; upstream roughly 30 ext{ Mbps} - 100 ext{ Mbps}.
  • DSL (Digital Subscriber Line):
    • Central office with DSLAM; data on existing telephone lines; separate voice and data paths.
    • Downstream: 24 - 52 ext{ Mbps}; Upstream: 3.5 - 16 ext{ Mbps}.
  • Home networks: modem/router, firewall, NAT; wired Ethernet (1 Gbps) and WiFi; devices often integrated in a single box.
  • Wireless access networks:
    • WLAN (WiFi): commonly 11, 54, 450 Mbps depending on standard (e.g., 802.11b/g/n).
    • Wide-area cellular: 4G/5G, typical in the tens of Mbps, range of tens of kilometers.
    • Satellite: e.g., Starlink-type services; up to near–hundreds of Mbps downlink; notable high latency (geostationary satellite up to ~270 ms end-to-end).
  • Enterprise networks:
    • Mixed wired/wireless access; Ethernet at 100 Mbps, 1 Gbps, 10 Gbps; WiFi access points with similar throughput ranges.
    • Internal infrastructure includes Ethernet switches and institutional routers.
  • Data-center networks:
    • Very high bandwidth (tens to hundreds of Gbps) linking hundreds to thousands of servers and connections to the Internet.
    • Content-provider networks may also operate their own networks to bring services/content close to users.
  • Visuals and examples emphasize real-world deployment and scale.

The network core: packet switching and routing

  • Core concept: interconnection of routers forming a mesh; packet switching moves data in discrete packets.
  • Packet-switching principle:
    • Messages at the application layer are broken into packets.
    • The network forwards packets from source to destination across multiple links.
  • Two key network-core functions:
    • Forwarding: per-router, local action moving arriving packets from input to the appropriate output link using the router’s local forwarding table.
    • Routing: global decision-making to determine the path from source to destination using routing algorithms.
  • Summary view: destination address is used by routing, and forwarding yields the actual packet movement along a chosen path.

Packet delay and queueing: sources of delay

  • Four sources of packet delay:
    • d_proc: nodal processing (packet header check, routing decision) – typically microseconds.
    • d_queue: queueing delay (waiting for transmission due to congestion).
    • d_trans: transmission delay (time to push L-bit packet onto the link) = rac{L}{R}
    • d_prop: propagation delay (time for a bit to traverse the link length) = rac{d}{s} where s is propagation speed.
  • End-to-end nodal delay: d{nodal} = d{proc} + d{queue} + d{trans} + d_{prop}
  • Example: one-hop transmission delay with L=10{,}000 ext{ bits}, R=100{,}000{,}000 ext{ bps} → d_{trans} = rac{L}{R} = 0.1 ext{ ms}
  • Queueing and loss:
    • If arrival rate to a link exceeds its transmission rate for a period, packets queue; memory can fill and packets can be dropped when buffers are full.
  • Traffic intensity and queueing delay:
    • Traffic intensity (approximate) \rho = \frac{L \cdot a}{R} where a is arrival rate in bits/sec (or using \lambda for arrival rate).
    • If \rho \approx 0, queueing delay is small; as \rho \to 1, queueing delay grows; if \rho > 1, the system is unstable (infinite delay in long run).
  • Real delays and routes:
    • Traceroute is used to measure delays from source to intermediate routers along a path toward a destination.
    • Process: send probes with TTL values; routers along the path reply, enabling measurement of per-hop delays.
  • Real-world traceroute example (illustrative): multiple hops with delays from 1 ms to ~110 ms across trans-oceanic paths; observed decreases in delays after crossing oceanic links due to different transmission paths.

Packet switching versus circuit switching

  • Circuit switching:
    • End-to-end resources are allocated and reserved for a call.
    • Each link allocates fixed circuits; no sharing between calls.
    • Pros: predictable performance; Cons: resources idle when not in use; less suited to bursty traffic.
    • Common in traditional telephone networks; uses FDM and TDM to allocate bandwidth.
  • Packet switching:
    • Data is sent in packets; resources are shared among many users.
    • Pros: efficient resource use for bursty traffic; simple, no call setup.
    • Cons: potential congestion, variable delay and loss; requires protocols for reliability and congestion control.
  • Key question: how to provide circuit-like behavior with packet switching? It’s possible but complex; the standard position is to study techniques to approximate circuit-like behavior while retaining packet-switching benefits.

Internet structure: a network of networks

  • Concept: numerous access ISPs connect to national/global tier-1 ISPs; ISPs interconnect to enable global reach.
  • The challenge: connecting millions of access ISPs directly (O(N^2) connections) is not scalable.
  • Solutions to scale connectivity:
    • Use global transit ISPs to connect many access ISPs.
    • Establish Internet Exchange Points (IXPs) to enable peering between networks.
    • Content provider networks (e.g., Google, Akamai) may deploy their own networks to bring content closer to end users.
  • Center-of-the-network reality:
    • A small number of large tier-1 ISPs form the core with extensive reach.
    • Peering at IXPs and regional networks helps interconnect diverse networks.
    • Content providers monetize and optimize delivery by building private networks close to users.
  • Visual concept: a few well-connected large networks at the center with many regional and access networks peering at IXPs and through transit providers.

Security in the Internet

  • The Internet was not designed with security in mind; early vision spoke of mutually trusting users on a transparent network.
  • Security challenges across layers require defense-in-depth:
    • Authentication: proving who you are (SIM-based identity in cellular networks; less hardware identity in traditional Internet access).
    • Confidentiality: encryption to protect data.
    • Integrity: digital signatures to prevent tampering.
    • Access restrictions: VPNs, firewalls to restrict unauthorized access.
    • DoS defenses: filtering, rate limiting, anomaly detection, and other measures.
  • Attack vectors discussed:
    • Packet interception/sniffing: e.g., shared Ethernet or wireless; tools like Wireshark can capture traffic in labs.
    • IP spoofing: injecting packets with false source addresses.
    • Denial of Service (DoS): overwhelming target resources with bogus traffic.
  • Emphasis: security considerations must be incorporated across all layers of the Internet stack.

Protocol layers and the OSI reference model

  • The layering concept: complex systems are easier to understand in modular layers; each layer provides services to the layer above and uses services from the layer below.
  • Airline travel analogy illustrates layering: ticketing, baggage, gate, runway, routing services, etc.; each layer provides a service and relies on the layer below.
  • Benefits of layering:
    • Explicit structure and relationships of system components.
    • Modularity facilitates maintenance and updates; changes in one layer can be isolated.
  • Internet protocol stack (practical, simplified):
    • Application layer: HTTP, IMAP, SMTP, DNS.
    • Transport layer: TCP, UDP.
    • Network layer: IP, routing protocols.
    • Link layer: Ethernet, 802.11 (WiFi), PPP.
    • Physical layer: bits on the wire.
  • Encapsulation (Matryoshka-dolls analogy):
    • Messages from the application are wrapped with a transport-layer header to form a transport segment (Ht | M).
    • The transport segment is then wrapped with a network-layer header to form a datagram ([Ht|M] with Hn).
    • The network datagram is then wrapped with a link-layer header to form a frame ([Hn|[Ht|M]] with Hl).
    • The destination eventually decapsulates: strips headers from outer layers as the packet traverses hops.
  • Visual: end-to-end view shows the cumulative encapsulation across layers and hops.
  • OSI reference model notes:
    • OSI defines seven layers: Application, Presentation, Session, Transport, Network, Data Link, Physical.
    • The Internet stack omits Presentation and Session layers; those services are implemented by applications or outside the core protocol stack.
  • The seven-layer model is often summarized as: application, transport, network, link, physical (with OSI including presentation and session as extra layers).

OSI vs. Internet layering details

  • OSI layers not found in Internet protocol stack: Presentation and Session.
  • Internet stack focuses on application, transport, network, link, and physical layers.
  • In OSI, services like encryption, compression, and session management may be handled at the Presentation and Session layers; in the Internet, those responsibilities usually reside in applications or transport/network protocols.

Encapsulation details (summary illustration)

  • Header additions at each layer:
    • Application header: Ht, containing service-level information for the application.
    • Transport header: Ht, used by transport protocol to implement service (e.g., reliability).
    • Network header: Hn, used by the network layer to implement routing to the destination.
    • Link header: Hl, used by the link layer to transfer datagrams between neighboring hosts.
  • End-to-end encapsulation sequence example: Hl Hn Ht M, with multiple header layers added as data moves from source to destination.

History of the Internet (highlights)

  • 1961: Kleinrock and queueing theory show benefits of packet-switching.
  • 1964: Baran proposes packet-switching for military nets.
  • 1967: ARPAnet conceived by ARPA.
  • 1969: First ARPAnet node becomes operational.
  • 1972: ARPAnet public demo; Network Control Protocol (NCP) first host-host protocol; first e-mail; ARPAnet has 15 nodes.
  • 1970: ALOHAnet satellite network in Hawaii.
  • 1974: Cerf and Kahn propose interconnecting networks (internetworking principles).
  • 1976: Ethernet introduced at Xerox PARC.
  • Late 70s: Proprietary networks (DECnet, SNA, XNA) coexist.
  • 1979: ARPAnet grows to ~200 nodes.
  • 1983: Deployment of TCP/IP; DNS defined for name-to-IP address translation; SMTP e-mail protocol defined.
  • 1985: FTP defined.
  • 1988: TCP congestion control develops.
  • 1980s-1990s: Emergence of CSnet, BITnet, NSFnet; lots of new protocols and networks; ~100,000 hosts and more networks.
  • Early 1990s: ARPAnet decommissioned; NSFNET restrictions on commercial use lifted (1991); Web emerges (HTML, HTTP, Mosaic/Netscape) around 1994–1995.
  • 1990s–2000s: Commercialization of the Web; killer apps (IM, P2P); internet security becomes a priority; hundreds of millions of users.
  • 2000s–present: Broadband access proliferates; SDN emerges (2008); rise of high-speed wireless (4G/5G); content providers build private networks; cloud computing grows; smartphones dominate Internet usage; ~15 billion devices attached by 2023 (approximate statistic).

Real-world delays, routes, and network measures

  • Real delays illustrate that Internet delay and loss come from several sources: queueing, processing, transmission, propagation across diverse paths.
  • Practical measurement: traceroute shows per-hop delays and variations across routes and oceanic links; delays can decrease when routing changes intermediate hops.
  • Propagation and transmission differences: propagation speed on fibers is near the speed of light in fiber; typical fiber speeds are about s \,\approx\, 2\times 10^8\ \text{m/s}.

The “caravan” analogy and queueing intuition

  • The caravan (bits) travels through toll booths (links) with service times (transmission) and propagation delays between tolls.
  • If the toll booth service time is large or traffic is heavy, lines form and delays accumulate; this helps intuition for queueing delay and traffic intensity.
  • A variant of the caravan analogy demonstrates how increasing propagation speed or reducing service time reduces total delay, illustrating the tradeoffs between link capacity, distance, and speed.

Throughput and bottlenecks

  • Throughput is the rate (bits per second) at which bits reach the destination.
  • Instantaneous throughput vs average end-to-end throughput:
    • Instantaneous: rate at a specific moment.
    • Average: rate over a longer period.
  • Bottleneck concept:
    • The end-to-end throughput is limited by the slowest link along the path (the bottleneck) or by the aggregate rate across multiple connections sharing a bottleneck link.
  • For multiple connections sharing a bottleneck link, per-connection end-to-end throughput can be modeled as the minimum of the bottleneck capacity and the share of the total traffic, e.g., for N connections sharing a bottleneck link of capacity Rb, each connection might see roughly \min(Rb, \text{share of }Rb) / N; in some models, per-connection throughput is \min(Rc, Rs, R/\text{N}) where Rc and R_s are other limiting rates.
  • Note: practical results vary with scheduling, fairness, and congestion control mechanisms.

Data-plane real-world numbers (illustrative references)

  • Cable-based access downstream/upstream: up to ext{downstream} \approx 40\text{ Mbps} - 1.2\text{ Gbps}; upstream \approx 30\text{ Mbps} - 100\text{ Mbps}.
  • DSL downstream/upstream: 24-52\text{ Mbps} downstream; 3.5-16\text{ Mbps} upstream.
  • WLAN (WiFi): 11, 54, 450 Mbps transmission rates (for common standards).
  • Cellular (4G/5G): tens of Mbps to tens of Mbps, depending on coverage and technology.
  • Satellite (Starlink-like): up to hundreds of Mbps downlink; latency can be high (geostationary case ~270 ms end-to-end).
  • Data-center networks: tens to hundreds of Gbps per link; connects hundreds to thousands of servers.
  • Real-world performance varies with network topology, congestion, and peering arrangements.

Wireshark and network monitoring

  • Wireshark is a packet sniffer/capture tool used to observe frames and packets across layers (Transport: TCP/UDP; Network: IP; Link: Ethernet) for diagnostics and labs.
  • It captures the packet header and payload, enabling deep inspection of network behavior across layers.

Summary: quick references to core concepts

  • Internet as a network of networks; edge vs core; access vs core; packet-switching vs circuit-switching.
  • Protocols govern message formats, sequences, and actions; layering provides abstraction and modularity.
  • The Internet uses a five-layer model in practice (Application, Transport, Network, Link, Physical) with OSI providing seven layers (adding Presentation and Session).
  • Key performance metrics: loss, delay, throughput; delays arise from processing, queuing, transmission, propagation; queueing and traffic intensity determine delays.
  • Security in depth: authentication, confidentiality, integrity, access control, and defensive devices like firewalls; DOS defense is essential.
  • Internet growth and evolution: early packet-switching theory, ARPAnet, TCP/IP, DNS; the Web’s rise; modern scale with SDN, mobility, and cloud.
  • Encapsulation and layering enable modular development and transparent interoperation across diverse networks.
  • Real-world measurements (traceroute) show variability in delay and loss across routes, highlighting the importance of routing, peering, and infrastructure.

Appendix: key formulas and notations

  • Transmission delay on a link: d_{trans} = \frac{L}{R} where
    • L = packet length in bits,
    • R = link transmission rate (bps).
  • Propagation delay along a link: d_{prop} = \frac{d}{s} where
    • d = length of the physical link in meters,
    • s = propagation speed in the medium (≈ 2\times 10^8\, \text{m/s} in fiber).
  • Nodal (end-to-end) delay: d{nodal} = d{proc} + d{queue} + d{trans} + d_{prop}
  • Traffic intensity (approximate): \rho = \frac{L \cdot a}{R} where
    • a = arrival rate in bits/sec (or \lambda for a rate),
    • High \rho implies larger queueing delays; \rho < 1 is generally required for stable queueing.
  • End-to-end throughput (simplified): \text{throughput} = \min(Rc, Rs, R/\text{N}) (illustrative for multiple connections sharing a bottleneck),
    • where Rc is a consumer-access bottleneck rate, Rs is server/edge rate, and R/\text{N} reflects sharing of a bottleneck link amongst N connections.
  • Propagation speed example: s \approx 2 \times 10^8 \text{ m/s} for fiber.
  • Example one-hop delay: for L=10{,}000\text{ bits} and R=100{,}000{,}000\text{ bps},
    • d_{trans} = \frac{L}{R} = 0.1\text{ ms}.