How the Internet works
Kae Hsu, Communication Network Dept.
Agenda
- Internet topology
- Internet elements
  - IP address & Autonomous system number: IPv4, IPv6, ASN attributes
  - Router & switch
  - Routing protocols: IGP, EGP
- Internet security
- Multiprotocol Label Switching (MPLS)
About the speaker
- Joined Seednet in 2000/12
- Maintained network management platform from 2001/1
- Maintained frame-relay backbone from 2001/4
- Maintained domestic backbone from 2001/7
- Maintained domestic peering/transit circuits from 2002/8
- Maintained overseas peering/transit circuits from 2004/3
- Promotion in 2005/1
- Certifications: SCSA, SCNA (Solaris 8); CCIE#12740 (Routing & switching); JNCIP#266
Internet topology [Figure: eight Autonomous Systems]
Internet elements: IP address
- IPv4: 32-bit address space
- IPv6: 128-bit address space
- Who allocates IP addresses?
  - Local Internet Registry (LIR): ISPs
  - National Internet Registry (NIR): TWNIC in Taiwan, JPNIC in Japan
  - Regional Internet Registry (RIR): APNIC in Asia/Pacific, ARIN in North America
  - Internet Assigned Numbers Authority (IANA): top level of IP & AS number assignment
Internet elements: IPv4 address attributes
- Class A, B, C, D, E
- Public/Private/Specialized IPv4 address
  - Public IP address: routable address on the Internet
  - Private IP address (RFC1918): 10/8, 172.16/12, 192.168/16
  - Specialized IPv4 address (RFC3330): assigned by IANA directly
Internet elements: IPv6 address attributes
http://www.iana.org/assignments/ipv6-address-space
Last update on 2006/2/27

IPv6 Prefix   Allocation             Reference
-----------   --------------------   ---------
0000::/8      Reserved by IETF       [RFC3513]
0100::/8      Reserved by IETF       [RFC3513]
0200::/7      Reserved by IETF       [RFC4048]
0400::/6      Reserved by IETF       [RFC3513]
0800::/5      Reserved by IETF       [RFC3513]
1000::/4      Reserved by IETF       [RFC3513]
2000::/3      Global Unicast         [RFC3513]
4000::/3      Reserved by IETF       [RFC3513]
6000::/3      Reserved by IETF       [RFC3513]
8000::/3      Reserved by IETF       [RFC3513]
A000::/3      Reserved by IETF       [RFC3513]
C000::/3      Reserved by IETF       [RFC3513]
E000::/4      Reserved by IETF       [RFC3513]
F000::/5      Reserved by IETF       [RFC3513]
F800::/6      Reserved by IETF       [RFC3513]
FC00::/7      Unique Local Unicast   [RFC4193]
FE00::/9      Reserved by IETF       [RFC3513]
FE80::/10     Link Local Unicast     [RFC3513]
FEC0::/10     Reserved by IETF       [RFC3879]
FF00::/8      Multicast              [RFC3513]
Internet elements
- Autonomous system
  - On the Internet, an autonomous system is a collection of IP networks under the control of a single entity that presents a common routing policy to the Internet. See RFC1930 for details.
- Autonomous system number (ASN)
  - A public AS has a globally unique number, an Autonomous System number (ASN), associated with it; this number is used both in the exchange of exterior routing information (between neighboring Autonomous Systems) and as an identifier of the AS itself.
Internet elements
- ASN address space
  - 2-byte ASN
  - 4-byte ASN (in IETF draft)
- ASN attributes
  - Public ASN: 1~64511 (0000000000000001~1111101111111111)
  - Private ASN: 64512~65535 (1111110000000000~1111111111111111)
  - Private ASNs are not routable on the Internet
Internet elements: Build ISP POPs (Points of presence) [Figure: an Autonomous System containing six ISP POPs]
Internet elements: Network topology in ISP POP
- Three-layer architecture: core layer, distribution layer, access layer
[Figure: ISP POP with distribution, core and access layers]
Internet elements: Core layer
- Use high-end routers in this layer
- Cisco Systems (CSCO)
  - XR 12000 & 12000 series router
  - CRS-1 Carrier Routing System
- Juniper Networks (JNPR)
  - M series router: M7i, M10i, M40e, M120, M320
  - T series router: T320, T640, TX Matrix
Internet elements Core router: CSCO XR 12000 series router
Internet elements Core router: CSCO CRS-1 Carrier Routing System
Internet elements Core router: JNPR M-series router
Internet elements Core router – JNPR T-series router
Internet elements: Distribution layer
- Keep local traffic local
- Higher port density than core router
- Much cheaper than core router (per port)
- Use router or L3 switch
  - Router: CSCO 7600 series router, JNPR MX960
  - L3 switch: CSCO 6500 series switch, Foundry, Extreme
Internet elements Distribution layer router: CSCO 7600
Internet elements Distribution layer router: JNPR MX960
Internet elements Distribution layer router: CSCO 6500
Internet elements: Access layer
- Faces customers
- Aggregates many low-speed circuits into one or two high-speed circuits
  - Facing customers: T1, E1, ADSL
  - Connecting to distribution layer: FE, GE
- Use access router or Broadband Remote Access Server (BRAS)
  - Router: CSCO 3700, 7200, 7300 series router; JNPR M-series router
  - BRAS: Redback SmartEdge; JNPR E-series BRAS routing platform (ERX)
Internet elements Access layer: CSCO 7200 series router
Internet elements Access layer: Redback SmartEdge
Internet elements Access layer: JNPR E-series routing platform
Internet elements
- How to connect the equipment in a POP?
  - Ethernet family: Ten Gigabit Ethernet (10000 Mbps), Gigabit Ethernet (1000 Mbps), Fast Ethernet (100 Mbps)
- How to connect the POPs? Kinds of circuits:
  - SONET/SDH based circuit
  - ATM or Frame-relay based circuit
  - Ethernet based circuit
  - DWDM based circuit
  - Dark fiber
Internet elements: SONET/SDH based circuit
- SONET: ANSI/Telcordia standard
- SDH: ITU-T standard
- The major difference is in the framing structure
  - Basic SONET framing unit: STS-1, 51.84 Mbps; STS-1 frame size: 6480 bits
  - Basic SDH framing unit: STM-1, 155.52 Mbps; STM-1 frame size: 19440 bits
  - Frame rate of SONET/SDH is 8000 frames/sec
- Use mux/demux to package low-speed circuits (T1/E1/E3/T3/ATM/Ethernet) into SONET/SDH frames
- Advantage: low overhead
  - SONET/SDH overhead: 3.33%
  - ATM overhead: 9.43%
Internet elements
- ATM and Frame-relay based circuit
  - Basic unit in an ATM circuit: cell; fixed length: 53 bytes, 5 bytes used for header; speed: from 155 Mbps to 622 Mbps
  - Basic unit in a Frame-relay circuit: frame; speed: from 64 Kbps to 45 Mbps
- Ethernet based circuit: Metro Ethernet
- DWDM based circuit
  - Use different lambdas (λ) to carry different traffic
  - Physical layer equipment
- Dark fiber
Internet elements: Routing protocol used by ISP
- Interior Gateway Protocol (IGP)
  - A set of routing protocols that are used within an autonomous system
  - Opposite: Exterior Gateway Protocol (EGP)
- Routing protocol used among ISP POPs
  - 100% controlled by the ISP
  - OSPF or IS-IS
- Routing protocol used between ISP and customer
  - Static route for only one circuit
  - Use RIP for multiple circuits
Internet elements: Distance Vector routing protocol
- Routing Information Protocol (RIP)
  - RIPv1 (classful), RIPv2 (classless), RIPng (IPv6)
- Interior Gateway Routing Protocol (IGRP)
  - Cisco Systems proprietary
  - Adds other factors for route selection
Internet elements: Link State routing protocol
- Open Shortest Path First (OSPF)
  - Based on Dijkstra Shortest Path First algorithm
  - Drafted/standardized by Internet Engineering Task Force (IETF)
  - OSPFv2, OSPFv3 (IPv6)
- Intermediate system to intermediate system (IS-IS)
  - Based on Dijkstra Shortest Path First algorithm
  - Drafted/standardized by International Standards Organization (ISO)
- Enhanced IGRP
  - Cisco Systems proprietary
  - Integrated link state and distance vector routing protocol
Internet elements: Routing information exchange
- Access layer propagates customer routes to distribution layer
- Distribution layer propagates/aggregates customer routes to core layer
- Core layer exchanges the POPs' routing information
- Scalability problem?
Seednet domestic backbone [Figure: backbone map. Legend: OC3/STM-1, STM-4, GE, STM-16/Fiber; router(s) of POP. Labels: Shiji, Taoyuan, Hsinchu, Yilan, Miaoli, Taichung, Changhwa, Yungling, Hualian, Taitong, Pingtong, Kaohsiung, Tainan, NeiHu, Nantou, Chiayi]
Internet elements: How to connect to other ASNs?
- Use lots of circuits to connect to other ASNs
  - Local loop
  - IPLC
- Core router colocation in an Internet eXchange (IX), using in-house wiring to peer with other ASNs
- Use the public peering service of an IX
- NOT all of the ASNs in the world will peer with you for free
  - Mostly, free peering happens between two ISPs of similar scale
  - Inbound/outbound traffic is not the key
Internet elements
- It is hard to peer with every ASN in the world: cost, cost, cost
- Transit service: the upstream ISP brings Internet traffic to the downstream ISP
- ISPs that do not need anyone to transit traffic for them: Tier-1 ISPs
  - There are 9 Tier-1 ISPs as defined by wiki
Seednet exterior status [Figure: external connectivity map. Legend: router(s) of POP; T3, 100M FE, 155M STM-1, GigabitEthernet, STM-4, STM-16. Labels: US, Hinet, China, TWIX, GSN, Gigamedia, Asia/HK/JP, JP(NTT), APTG, FLAG, Taoyuan, MOECC(TANet), NCU(600M), NCTU, NCHU(600M), NCKU, NSYSU(600M), CCU(600M), Taipei, ASCC, Hsinchu, Taichung, Chiayi, Tainan, Kaohsiung]
Internet elements: Routing exchange between ISPs
- Exterior Gateway Protocol
  - EGP
  - Border Gateway Protocol (BGP)
- BGP
  - Currently: BGP version 4
  - Lots of attributes for routing control
  - Distance vector routing protocol
    - Uses the AS path to prevent routing loops
    - Uses AS path length to select the best route
  - Flexible in route tagging, attribute rewriting, filtering
  - Flexible and capable of attribute extension
Internet elements: Routing/traffic control by BGP [Figure: AS100 announces 192.168/16; ASes AS200, AS300, AS400, AS500; links marked expensive and cheap; AS path labels AS100, AS200+AS100, AS100, AS300+AS100, AS400+AS300+AS100]
Internet elements: Routing/traffic control by BGP, AS path length (AS prepend) [Figure: AS100 announces 192.168/16; ASes AS200, AS300, AS400, AS500; links marked expensive and cheap; AS path labels AS100+AS100+AS100, AS200+AS100+AS100+AS100, AS100, AS300+AS100, AS400+AS300+AS100]
Internet elements: Routing/traffic control by BGP, longest match (IP blocks slice) [Figure: AS100 holds 192.168/16; ASes AS200, AS300, AS400, AS500; links marked expensive and cheap; announcement labels 192.168/16 (twice) and 192.168/17, 192.168.128/17 (three times)]
Internet elements: Risk in IP blocks slice, normal situation [Figure: AS100 (192.168/16), AS200 (transit), AS600 (peering), Internet; link labels STM-16 and FE; announcement labels 192.168/16, 192.168/17 + 192.168.128/17, 192.168/16]
Internet elements: Risks in IP blocks slice, OOPS situation [Figure: AS100 (192.168/16), AS200 (transit), AS600 (peering), Internet; link labels STM-16 and FE; announcement labels 192.168/16, 192.168/17 + 192.168.128/17, 192.168/16, and a second 192.168/17 + 192.168.128/17 marked "error"; "congestion!!!"]
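
The route choices in the BGP traffic-control and IP-block-slice slides above, as an added example that is not part of the original deck. It is a simplified model (shortest AS path per prefix, then longest match when forwarding; local preference and other BGP attributes are ignored), and it assumes that AS200 is the expensive path, that in the risk slides the /17s are meant for the AS600 peering only, and that the "error" is those /17s reaching the rest of the Internet. `leaked_more_specifics` is a hypothetical monitoring helper.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Route:
    prefix: str      # announced IP block
    as_path: tuple   # AS path as received, nearest AS first
    via: str         # neighbor the route was learned from


def best_paths(rib):
    """Per prefix, keep the route with the shortest AS path (simplified BGP)."""
    best = {}
    for route in rib:
        net = ip_network(route.prefix)
        current = best.get(net)
        if current is None or len(route.as_path) < len(current.as_path):
            best[net] = route
    return best


def forward(dest, rib):
    """Forwarding lookup: the longest matching prefix wins, whatever its AS path length."""
    addr = ip_address(dest)
    matches = [(net, r) for net, r in best_paths(rib).items() if addr in net]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def leaked_more_specifics(rib, aggregate):
    """Prefixes inside our aggregate that are visible where only the aggregate should be."""
    agg = ip_network(aggregate)
    return sorted({r.prefix for r in rib
                   if ip_network(r.prefix) != agg
                   and ip_network(r.prefix).subnet_of(agg)})


AGG = "192.168.0.0/16"                      # AS100's block in the slides
SLICES = ("192.168.0.0/17", "192.168.128.0/17")

# What AS500 receives in each traffic-control slide (AS paths taken from the slides).
PLAIN = [Route(AGG, (200, 100), "AS200"),
         Route(AGG, (400, 300, 100), "AS400")]
PREPEND = [Route(AGG, (200, 100, 100, 100), "AS200"),
           Route(AGG, (400, 300, 100), "AS400")]
SLICED = [Route(AGG, (200, 100), "AS200")] + \
         [Route(p, (400, 300, 100), "AS400") for p in SLICES]

# Constructed view from the rest of the Internet for the two risk slides.
INTERNET_NORMAL = [Route(AGG, (200, 100), "AS200")]
INTERNET_OOPS = INTERNET_NORMAL + [Route(p, (600, 100), "AS600") for p in SLICES]


def demo():
    """Neighbor chosen toward 192.168.10.1 in each scenario."""
    return {
        "plain": forward("192.168.10.1", PLAIN).via,
        "prepend": forward("192.168.10.1", PREPEND).via,
        "sliced": forward("192.168.10.1", SLICED).via,
        "normal": forward("192.168.10.1", INTERNET_NORMAL).via,
        "oops": forward("192.168.10.1", INTERNET_OOPS).via,
    }


if __name__ == "__main__":
    for name, via in demo().items():
        print(f"{name:8s} -> {via}")
    print("leaked:", leaked_more_specifics(INTERNET_OOPS, AGG))
```

In the OOPS view every destination in the /16 is drawn to the AS600 side even though the /16 via AS200 is still present, which is why the smaller link congests.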
Internet elements: Use BGP to scale IGP
- BGP used within the ASN is called Interior BGP (iBGP)
- BGP used between ASNs is called Exterior BGP (eBGP)
- Tiny characteristic differences between iBGP and eBGP
- Use iBGP to carry customer routes in the ASN
  - Add suitable attributes to customer BGP routes
  - Store routes:next-hop information
- Use IGP to carry next-hop information for iBGP
- The router uses "recursive lookup" for route search
  - Check routes:next-hop from iBGP
  - Check next-hop from IGP
  - Forward packets to next-hop
Internet elements: Information resources
- RFC
- Internet groups
  - IANA, RIR
  - NANOG (North American Network Operators' Group)
  - Internet Society
  - IETF
- Internet forums & newsgroups
  - http://www.groupstudy.com/
  - puck.nether.net mailing lists
Internet security: Security issues in BGP
- Authenticated BGP neighbor?
  - Use an MD5 password to protect the BGP session
- Authenticated BGP routes?
  - Routing Assets Database (RADB)
  - IP address & AS certification (APNIC project)
Internet security: Discard BGP routes that
- belong to private IP addresses (RFC1918)
- belong to some specialized IP addresses (RFC3330)
- belong to private ASNs (RFC1930)
- belong to "Bogon IP blocks"
  - Bogon IP blocks: IP blocks assigned by IANA but not assigned by RIR
- It is safe to discard packets whose source IP address belongs to the BGP routes above
Internet security: Prevent IP spoofing
- Prevent IP spoofing from outside your network
  - Check the source IP address of packets from your BGP neighbor
  - For a packet whose source IP address belongs to your ASN, just discard it
- Prevent IP spoofing inside your network
  - Check the source IP address of packets from your customer
  - For a packet whose source IP address does not belong to your customer, just discard it
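
The route-discard rules and the two anti-spoofing checks from the two slides above, written out as an added example (not from the original deck). The RFC3330 list is a subset, only IPv4 and 2-byte ASNs are handled, the bogon list is a caller-supplied parameter, and the prefixes, ASNs, customer names and the `bgp-neighbor` label are constructed for illustration.

```python
from ipaddress import ip_address, ip_network

RFC1918 = [ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# A subset of the RFC 3330 special-use blocks (IPv4 only in this sketch).
RFC3330 = [ip_network(n) for n in (
    "0.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16", "192.0.2.0/24",
    "198.18.0.0/15", "224.0.0.0/4", "240.0.0.0/4")]
PRIVATE_ASNS = range(64512, 65536)   # 2-byte private ASN range from the slides


def route_reject_reason(prefix, as_path, bogons=()):
    """Return why a received BGP route is discarded, or None to accept it."""
    net = ip_network(prefix)
    checks = (("RFC1918", RFC1918), ("RFC3330", RFC3330),
              ("bogon", [ip_network(b) for b in bogons]))
    for reason, blocks in checks:
        # subnet_of() also matches the block itself, so 10.0.0.0/8 and
        # 10.1.0.0/16 are both caught.
        if any(net.subnet_of(block) for block in blocks):
            return reason
    if any(asn in PRIVATE_ASNS for asn in as_path):
        return "private ASN"
    return None


def packet_drop_reason(src, ingress, own_prefixes, customers, bogons=()):
    """Source-address check at the network edge.

    ingress is "bgp-neighbor" for traffic arriving from another AS, or a
    customer name (a key of `customers`) for traffic from an access circuit.
    """
    addr = ip_address(src)
    if ingress == "bgp-neighbor":
        filtered = RFC1918 + RFC3330 + [ip_network(b) for b in bogons]
        if any(addr in block for block in filtered):
            return "source in discarded block"
        # Our own addresses should never arrive from outside the AS.
        if any(addr in ip_network(p) for p in own_prefixes):
            return "own-AS source from outside"
        return None
    # Customer circuit: only the prefixes assigned to that customer are valid.
    # An unknown customer name has no prefixes, so everything is dropped.
    if not any(addr in ip_network(p) for p in customers.get(ingress, ())):
        return "source not assigned to customer"
    return None


# Constructed sample data (documentation prefixes and ASNs).
OWN_PREFIXES = ["203.0.113.0/24"]
CUSTOMERS = {
    "cust-a": ["203.0.113.0/26"],
    "cust-b": ["203.0.113.64/26", "203.0.113.128/26"],
}
SAMPLE_ROUTES = [
    ("10.1.0.0/16", (64500,)),
    ("192.0.2.0/24", (64500,)),
    ("198.51.100.0/24", (64500, 64512)),
    ("198.51.100.0/24", (64500, 64496)),
]


def filter_routes(routes, bogons=()):
    """Split routes into (accepted, rejected-with-reason)."""
    accepted, rejected = [], []
    for prefix, as_path in routes:
        reason = route_reject_reason(prefix, as_path, bogons)
        if reason is None:
            accepted.append(prefix)
        else:
            rejected.append((prefix, reason))
    return accepted, rejected


if __name__ == "__main__":
    print(filter_routes(SAMPLE_ROUTES))
    for src, ingress in (("203.0.113.10", "bgp-neighbor"),
                         ("203.0.113.70", "cust-a"),
                         ("203.0.113.10", "cust-a")):
        print(src, ingress, packet_drop_reason(src, ingress, OWN_PREFIXES, CUSTOMERS))
```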
Internet security: Internet attacks
- TCP SYN flooding
- Smurf attack
- Distributed Denial of Service (DDoS)
Internet security: Common ways to block DDoS attacks
- Black hole
- Sink hole
MPLS
- Traditional packet forwarding: routing lookup
- MPLS packet forwarding
  - Each MPLS router builds a database that maps routes to special labels
  - Use labels to forward packets
- MPLS applications
  - MPLS VPN
  - MPLS Traffic Engineering (MPLS TE)
  - MPLS QoS
MPLS
- Virtual Private Network (VPN)
  - Traditional VPN: based on ATM and Frame-relay
  - IPsec VPN
  - MPLS VPN
    - Uses a label stack to differentiate VPNs
    - Provisioned for L2 or L3 networks
- MPLS TE
  - Use MPLS to pre-build MPLS TE tunnels
  - The router forwards traffic via the MPLS TE tunnel path instead of the IGP path
  - Provides more flexibility than IGP
- MPLS QoS
