Travel Through the Internet
* NAT, firewalls
* Gateways, routing, ICMP
* Broadcast and multicast
* TCP congestion control

Packets Go In, Packets Come Out
* When a packet leaves the LAN, it travels to an "edge router"
  * A router is just a computer with multiple network interfaces that is willing to move IP packets from one to the other
* The edge router sends it on into routers in the "core Internet"
* Eventually, it hits an edge router at the other end (maybe)
* Finally, it travels on the LAN to its destination
  * We talked about the LAN mechanisms last week

NAT
* Talked some earlier: rewrite IP addresses and/or ports (and/or app data) to get global addressing on a per-endpoint basis
* Disturb packets as little as possible (NAPT etc.)
* Filter incoming based on sender?
* NAT traversal
  * Hole-punching
  * UNSAF
  * STUN: 3rd party for making the connection
  * TURN: 3rd party for relaying traffic (ugh)
  * ICE: uber-standard
* Generally quite complex per unit of function
* Primary motivator for IPv6, and vice versa

Firewalls
* Prevent undesirable edge transits
* "For free" with NATs
* Not really much of a solution ("But it's a *firewall*!")
* Problem: specifying firewall policy

Routers
* Core routers are a bit special:
  * Need to know which interface to send packets out on, based on their IP address
    * Routing Information Protocol (RIP)
    * Open Shortest Path First (OSPF)
    * Interior Gateway Routing Protocol (IGRP)
    * Border Gateway Protocol (BGP)
    * Exterior Gateway Protocol (EGP)
  * Need to make decisions extra-quick (HW assist)
  * Have a packet buffer on each interface
    * Buffers don't match rates

ICMP
* Routers would like to communicate
  * with each other
  * with endpoints
* Two kinds of messages
  * Informational
  * Error
* Magic protocol at the IP level (semi-reliable)
* Source of much grief, little light (often filtered by firewalls)

Broadcast and Multicast
* Obviously, the ability to broadcast to the entire Internet would be bad
* LAN/WAN broadcast is straightforward; use "wildcard" addresses
* Recall Ethernet multicast; IP addresses are mapped to Ethernet addresses
* Standards for cooperative multicast (IGMP/MLD)
  * Join a "multicast group" and receive packets on an "Internet multicast address"
* Probably means packet duplication in the core; can't do TCP over this

Congestion Control
* Internet congestion control = complete mess
* Routers buffer packets
* Only signal of a full buffer is a dropped packet
  * Packets drop for other reasons too, or are delayed indefinitely
* Most CC solutions are TCP-only
* 87-89 TCP-caused "Internet collapse"

TCP Congestion Control
* Standard plan
  * Slow start
  * Congestion avoidance (CWR)
* Clever plans
  * Different control schedules & regimes
  * Time-based rather than ACK-based
* Router queue management (AQM)
  * RED
  * ECN

Bufferbloat
* People keep sticking more memory in router buffers
  * Especially gateways
* This means more latency
  * Packets (and ACKs) get delayed
  * Huge RTTs are ridiculous
* Terrible response time, somewhat decreased throughput
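The "standard plan" from the TCP Congestion Control slide (slow start, then congestion avoidance, with the window cut back when a loss signals a full router buffer), as an added example that is not part of the original slides. It is an idealised per-RTT model of the congestion window in segments: the initial ssthresh, the loss schedule and the two loss kinds (a timeout versus a triple-duplicate-ACK) are assumptions chosen for illustration.

```python
# Idealised TCP congestion window (cwnd) model, one step per RTT.
# Slow start: cwnd doubles each RTT until it reaches ssthresh.
# Congestion avoidance: cwnd grows by one segment per RTT.
# Loss: the only congestion signal the slides describe is a dropped packet.
#   "timeout" -> ssthresh = cwnd/2, cwnd restarts at 1 (Tahoe-style)
#   "dup_ack" -> ssthresh = cwnd/2, cwnd continues from ssthresh (Reno-style)

def simulate_cwnd(num_rtts, losses, initial_ssthresh=16):
    """Return cwnd (segments) at the start of each RTT 0..num_rtts-1.

    losses maps an RTT index to the kind of loss detected during that RTT.
    """
    cwnd, ssthresh = 1, initial_ssthresh
    history = []
    for rtt in range(num_rtts):
        history.append(cwnd)
        loss = losses.get(rtt)
        if loss is not None:
            # Multiplicative decrease: remember half the window as the new
            # threshold between slow start and congestion avoidance.
            ssthresh = max(cwnd // 2, 2)
            cwnd = 1 if loss == "timeout" else ssthresh
        elif cwnd < ssthresh:
            # Slow start: exponential growth, capped at ssthresh.
            cwnd = min(cwnd * 2, ssthresh)
        else:
            # Congestion avoidance: additive increase.
            cwnd += 1
    return history


def peak_window(history):
    """Largest window reached; a proxy for how hard the sender hit the buffers."""
    return max(history)


if __name__ == "__main__":
    # Constructed loss schedule: a drop detected in RTT 8, first as a timeout,
    # then as a triple-duplicate-ACK, to compare the two recovery paths.
    for kind in ("timeout", "dup_ack"):
        hist = simulate_cwnd(15, {8: kind})
        print(kind, hist, "peak", peak_window(hist))
```

The two runs show why a timeout is so much more expensive than a fast retransmit: both halve ssthresh, but only the timeout throws the sender all the way back into slow start.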