understanding the net

8/12/2019 Understanding the Net

1/76


2/76

Understanding the NetBRKRST-1973

Russ White


3/76

2013 Cisco and/or its affiliates. All rights reserved.BRKRST-1973 Cisco Public

The Net

Every presentation needs a porpoise

This presentation aims to provide a whole pictureview of the Internet

As a set of organically grown systems

The Internet is more complex than it might appear to thecasual observer

Its often difficult to see the whole picture

Its often difficult to understand the consequences of anyparticular action on the system as a whole

Details are submerged in abstractions


4/76

THE BARE ESSENTIALS


5/76 2013 Cisco and/or its affiliates. All rights reserved.BRKRST-1973 Cisco Public

The Net

What are the businessrelationships that make theInternet work?

What are the protocols andparts that make the Internet

work?



The Net



The Net (Notes)

Each line on this diagram represents a protocol and/or business re

There are a number of protocol and business relationships not pictured h Content Distribution Networks (CDNs), virtual currency systems, overlay

a host of others all run on this infrastructure

Each of the entities on this diagrams must somehow make money

Equipment, space, physical connections

People to run all of this equipment

Training, research, et al. This is a very complex ecosystem

There are a number of ecosystems within the overall ecosystem that relyof the entire system to continue running



The Net

Technical Overview

Naming Routing

Architectural Overview

Standards

Service Providers

Registries

Clearing Houses Operational Case Study


9/76

NAMING



Naming


11/76


The Domain Name System

Begin with a user who types thename of a web site into a browser

How does the host actually find aweb site based on a name?

There are three things the hostneeds to find

An address for the server on which

the information resides How to get to that address

The specific file on the server itself

DNS provides the first of thesethree bits of information


12/76



The local operating system queriesa DNS server

The address of this local server iseither manually configured or learnedthrough auto configuration

Assume the local server doesntknow the corresponding address

The local server will query the TLDserver for the next section of theDNS address

Cisco.comssecond section is .com

The local server will send a query tothe .com server asking for thelocation of cisco.com

DNS Server

TLD ServerAuthoritativeServer


13/76



Top Level Domain (TLD) serversdont keep information on theaddresses for every possiblesubdomain

Instead, the TLD server will referthe DNS server to an authoritativeserver for the correct subdomain

In this case, the .com server refersthe local DNS server to thecisco.com server

DNS Server



14/76


15/76



The local DNS server respondswith the correct address for thisserver

The local DNS server also cachesthis address for some length oftime

This allows the DNS server torespond to future queries withoutgoing through this entire processagain

DNS Server



16/76


Glue Records

Glue records allow theauthoritative servers to have adomain name within the domain forwhich they are authoritative

Without glue records, you can gettrapped in a domain lookup loop

The glue record puts the nameserver address into the pointer tons1.example.com

So the first query not only returns theserver to ask, but the serversaddress

Where is example.comWhere is

www.example.com?


17/76


Naming Related Systems

DNSSEC

Each section of the

domain name iscryptographically signed .com is signed

.example.com is signed

Etc.

This prevents attacksagainst the DNS system Servers can insert

themselves between theTLD and authoritativeserver

Bad responses can beused for man in the middleattacks, phishing, etc.

In-Addr-AR

A DNS tre

IP addressdomain na

Each sectaddress issame as adomain

The reply name the reaches

A reverse

Whois

A separate protocol that

provides registrationinformation about anyspecific domain name

Can be used to find out ifa domain name is valid,etc.


18/76


Naming Related Systems


19/76

ROUTING


20/76


Routing


21/76


Routing

Now we have an address that tells uswhere to find the web site were after

And we have a way to bundle of the datathat needs to be transferred

But how do we get there?

Even if we had a map of thenetworkpackets cant drive


22/76


Routing

Its easy to say the Internet is anetwork of networks, but what

does that really mean?

Another way to view the Internet isas a virtual topology

Policy is the key to understandingthe AS level (overlay network)

BGP is distributed policy Different types of providers follow

different sets of policies to maximizerevenue and minimize cost

Physical Network


23/76


Routing (Notes)

Every pair of end devices on the Internet is physically connected

Each individual service providers network contributes some part ophysical topology

A virtual control plane overlays this physical topology to create an control plane


24/76


Peering Connections

Understanding these policiesrequires understanding peering

models

Provider/Customer

Transit

Settlement FreeTransit

Provider

Customer

Provider

Customer

Transit

Settlement Fre

Settlement Fre


25/76


Peering Connections (Notes)

Provider/Customer A customer pays for service from a provider

The customer doesnt transit any traffic, it only originates traffic Note customers sometimes transit traffic, so this definition is a little fuzz

Transit One provider pays another provider to transit traffic to a third providers n

The cost of these arrangements is normally driven by the amount of traffone provider to the other

Providers pay for transit to: Increase the amount of the Internet their customers can reach quickly Increase the resilience of their operations

Settlement Free Normally between two providers who exchange roughly equal amounts o

one another

Increases scope and resilience without increasing cost


26/76

SERVICE PROVIDERS


27/76


Service Providers


28/76


Content Provider Overview

Content providers fall into twocategories

Media creation and distribution

Connecting buyers and sellers(ecommerce)

Create something of value to sellto individual end users

Entertainment: movies, books,music, etc.

Information: news, job searches,people searches, etc.

A connection to a product orproducer

Ecommerce, entertain

information

Search, services, softw(ecommerce)

Search, services, ente

Entertainment

Services, information,

Software, information,

Ecommerce, informatio

Information, ecommerc


29/76


Content Provider Business Model

Income Sources Sell services, entertainment, or connect buyers to sellers for a fee

The ability to convert interest into a sell by learning customer preferences and treprimary basis of this model

Sell user attention and information to companies (advertising) Click throughs are transferring interest from the content provider to the seller Conversion rate is the number of people who actually buy based on advertising

Networking Costs Physical infrastructure

Routers, switches, DNS servers, etc. Operational costs People, processes, and facilities

Connection costs Must generally pay access providers for access to end users Must generally pay service (transit) providers for connections to access providers


30/76


Content Provider Business Model

Garner lots of user interest

This doesnt necessarily mean a lot of users, but a lot of motivated users

Specialized and niche markets often work as well as general markets (sumedia)

Learn as much about users as possible

To predict trends and target advertising

Get as much content as possible for free

If people will log on to watch/listen to/read content that costs the providegenerate, then all advertising revenue is simple profit

Bottom Line

Minimize network and content generation costs

Minimize connection costs

Maximize income from advertising and conversion


31/76


Content Provider Routing Policy

Push content as close to the actual eyeballs as possible

Peer as widely as possible

Use content distribution mechanisms to push content to every corner/ednetwork

Carry traffic on internal links where possible

To exert the greatest level of control over the users experience on your

Cold potato routing


32/76


Access Provider Overview

Provide individual users,businesses, and organizations with

Internet connections Includes traditional last mile

providers such as telephone andcable providers

Includes disruptive providers, suchas wireless, satellite, and othercarriers

Are often involved in the creationand distribution of content, as well

Local sports, shows, and otherevents

Wireless services, busin

Internet access

High speed Internet acc

Satellite based Internet


33/76


Access Provider Business Model

Income Sources

Individual subscriber fees Normally based on fixed traffic limits and/or the link type and speed provided to th

Managed equipment and services

Local production and distribution

Network Costs

Physical infrastructure Routers, switches, DNS servers

Physical cable, satellite systems, towers Operational costs

People, processes, and facilities

Connection costs Must generally pay service (transit) providers for connections to the global interne


34/76


Access Provider Business Model

Provide the largest set of integrated services available

Generally contained within one geographic area, but this isnt necessarily

Tackle vertical markets within the existing base to expand services offeresubscriber fees

Reduce content and transit costs

Reduce the cost of connecting individual users to transit and content pro

Generate and sell locally generated content

Bottom line

Minimize network and content generation costs

Minimize connection costs

Maximize revenue from subscribers


35/76


Access Provider Routing Policy

Be the preferred path forconnected customers

Even if theyre connected tosomeone else

Carry traffic across the shortestpossible path

Or for the least amount of timepossible

Hot potato routing

Hot potato routing


36/76


Transit Provider Overview

Provide interconnection betweencontent and access service

providers Many transit service providers also

sell other services, including contentand access

T it P id B i M d l


37/76


Transit Provider Business Model

Income Sources

Peering Contracts Called settlement Normally charged based on traffic levels, rather than link type

Managed equipment and services

Network Costs


Physical cable, satellite systems, towers Operational costs


T it P id B i M d l


38/76


Transit Provider Business Model

Provide the widest connectivity reach

Interconnect with as many larger organizations as possible

Reduce transit time for customers to the minimum possible

Provide the lowest latency (fastest) service to the most desirable location Assumes 80% of all traffic is destined to 20% of all possible destinations

Reduce peering cost

Transit providers want to be sources of traffic, not sinks

Manage traffic flows to reduce peering cost while providing the highest q

available

T it P id R ti P li


39/76


Transit Provider Routing Policy

Attract as much traffic as possible

Increasing peering to reduce the AS

Path length to reach any particulardestination

Carry as little traffic as possible

Really carrying packets for theshortest distance you can

Hot potato routingHot potato routing

I t t E h P i t O i


40/76


Internet Exchange Point Overview

Internet Exchange Points (IXPs)provide local interconnections for

access and content providers IXPs can either be commercial or

non-profit

Used by providers within a region

Avoids the use of out of region transitproviders

Reduces latency within the region Replaces traffic based settlement

costs with fixed membership fees

Transit Provider

Access Provider

Content P

IXP

IXP B i M d l


41/76


IXP Business Model

Income Sources

Fixed membership or usage fees

Not based on traffic levels

Network Costs


Physical cable, satellite systems, towers

Operational costs



42/76

STANDARDS BODIES

Standards Bodies


43/76


Standards Bodies

Standards Bodies


44/76


Standards Bodies

DNS, transport, and routing protocols are only a small sample of ththat make the Internet go

Voice over IP, HTTP, FTP, telnet, rsynch, IPsec, SSH, SSL, and many omust be developed, extended, and managed

HTML, JavaScript, image formats, and many other information formats mdeveloped, extended, and managed

Where do all of these standards come from?

Standards Bodies


45/76


Standards Bodies

All layer 3 transport and routing protocols, including IP, TCP, UDPHTTP, DNS, routing protocols, telnet, rsync, IPsec, and network

management protocols

All layer 1 and layer 2 transport and control plane protocols, includ

Ethernet, spanning tree, wand ireless networking

Markup languages (languages which describe how to display or

render content), including HTML and XML

All telecommunications and networking standards, from physical

through transport protocols

Numbers for protocols, ports, and others

How do Standards Bodies Work?


46/76


How do Standards Bodies Work?

Individual, voluntary membership and participation Members mostly vendors, providers, researchers

Standardization through rough consensus

Corporate membership and participation Members mostly vendors

Standardization through formal voting

Voluntary membership and participation

Members mostly vendors, providers, researchers

Standardization through rough consensus

Governmental and corporate (NGO) membership and

participation

Members mostly government and vendor representatives Standardization through formal voting

Works with other standards bodies to assign numbers as

needed.

Standards Bodies Interactions


47/76


Standards Bodies Interactions

What happens when two standards bodies start standardizing to sosame problem?

IS-IS is standardized by both the ISO and the IETF ISO and the IETF have overlapping interest in Multiprotocol Label Switch

The IEEE and the IETF are both working on next generation control planswitching

Generally these overlaps are handled through various liaison comm The committee meets and maps out different areas or how to use each o

standards in ongoing work

Ultimately, the market decides If two different standards solve the same problem, vendors and end user

which they will use

Over time, one standard will become inactive, while others will continue t

BETA verses VHS


48/76

REGISTRIES

Registries


49/76


Registries

Naming Authorities


50/76


Naming Authorities

ICANN and IANA coordinate theassignment of the numbers andnames that make the Internet work These organizations dont control the

Internet

They only set the rules under whichother organizations may obtain and sellthese resources

These rules are based on fairness andoperational requirements

IANA manages much more than theIP address space Standards bodies (like the IETF) often

direct IANA to set up new registriesfor protocol and other number spacesthat require consistency across acommunity of users

Regional Registry Overview


51/76



Regional Internet Registries (RIRs)manage IP address blockassignments for a region

Or a set of economies They are set up by a consortium of

government and provider organizationswithin a region

RIRs also Participate in research and

standardization efforts Provide services for the common

good of their members, such as whois Hold regular meetings for the education

of their members and informationexchange

Produce best common practicedocuments and recommendations



52/76



IANA provides blocks of IPaddresses to each RIR This is primarily based on need

IANA wants to ensure an RIR doesntask for address space when a lowpercentage of the RIRs currentlyavailable space is used, for instance

Each regional registry then providesaddress blocks to their members The members can then advertise this

space in the global routing table, usethem in DNS entries, or even use themjust for their internal networks

Many large organizations purchaseaddress blocks which are neveradvertised on the global Internet

Regional Registry Business Model


53/76


Regional Registry Business Model

Income Sources

Member fees

Fees for the registration/usage of IP address space Fees for other services offered

Network Costs


Operational costs

People, processes, and facilities Connection costs

Must generally pay service (transit) providers for connections to the global interne

Top Level Registries


54/76



Domain Name Registries manageTop Level Domains (TLDs) ICANN assigns the management of

these TLDs to these registries

These registries, in turn, sell domainnames to second level registries All second tier registries must be treated

the same by the TLD

These operate on a fixed cost perdomain per domain name

Many registries also supportstandards bodies and thecommunity at large Research, whois, and publicly

available tools



55/76


p g

Income Sources

Fees for the registration/usage of domains within a TLD

Fees for other services offered Network Costs


Operational costs People, processes, and facilities

Connection costs Must generally pay service (transit) providers for connections to the global interne

Second Tier Registries


56/76


g

Domain resellers Second tier registries

Buy domains at a fixed rate from aTLD registry

Resell domains based on popularity,bundled into other services, etc.

Income sources Services, domain registration fees

Costs Hardware/software to provideservices

People to manage services

Advertising

Connection to tier 1/tier 2 upstreams


57/76

OTHER ASSOCIATIONS

Clearing Houses


58/76


g

Internet Route Registries


59/76


g

Internet Routing Registries (IRRs) are cooperative databases

Often run through volunteer efforts, by registries, and by research organ

RIPE, APNIC, ARIN, EasyNet, Level3, and others all run IRR mirrors Data is held in a common policy language standardized by the IETF, RP

IRRs mirror the data in the databases of other IRRs

What is this information used for?

A large number of service providers wont accept route advertisements (unless there is an existing entry in an IRR they recognize as authoritative

Service providers built route filters based on the information in the IRR d

Internet Route Registries


60/76


g

The policy information contained in the IRR can include

The origin AS

The prefix length, longest prefix length, and covered prefixes Filtering policies implemented by a particular AS

Whether or not a peering AS is transit or not

This information is stored in Routing Policy Specification Language

RPSL is defined in RFC2622

Network Operators Groups


61/76


Network Operators Groups(NOGs) act as clearing houses for

information about networkoperations

These are generally volunteerorganizations

Often run in close connection withregional registries, researchorganizations, vendors, and other

regional organizations

Network Operators Group


62/76


Run mailing lists

Provides a common place to find operators of other networks in the regio

Provides a place to discuss standards, political situations, network condiequipment, and anything else related to network operations

Manage regional network operators conferences

Often these are held in conjunction with regional registries

Provide training and contact opportunities for local network operators

The Internet Society


63/76


The Internet Society engages in awide spectrum of Internet issues,

including policy, governance,technology, and development. Weestablish and promote principlesthat are intended to persuadegovernments to make decisionsthat are right for their citizens andeach nations future. Everything we

do is based on ensuring that ahealthy, sustainable Internet isavailable to everyonetoday andfor the next billion users.


64/76

OPERATIONAL CASE STUDY

Operational Case Study


65/76


Lets work through building a new content service provider

This process will expose the relationships at a people level that make t

work Business side issues will not be covered in this process

What do we need to build a content provider?

A domain name

An IP address block

Reachability to the rest of the world

Agreements with other content providers to share content Standing in the community on which to base these relationships

Knowing people is half the battle on the operational side

Domain Name


66/76


The first step is to find a good domain name There are services in this space that will help you choose a solid domain

draw traffic

Not just one domain name will do There must be both internal and external facing domains You want to protect your brand on multiple top level domains

Once a good domain is chosen, it needs to be registered This is normally handled through one or more second tier domain registr

Second tier registries gather up names from multiple TLD registries, allowregister the same name in multiple TLDs at once

Once the registration process is done Whois databases need to be checked for accuracy

The root servers and TLD servers need to know how to find your servers This means either setting up and managing a DNS server, or contracting with som

company to provide DNS services (such as VersignsManaged DNS service)

IP Address Block


67/76


Once the domain name is registered, youll need an IP address theentries can point to

To get this Join the local RIR

Justify both internal and external address space requirements

Once obtained

DNS records need to be updated

in-addr.arpa records need to be created

These DNS records allow a user to search for an IP address, and discover the dothe owning organization

These records are used for email spam reduction, certificate validation, and simp

Build Connections


68/76


Build regional connectivity

Find a set of local IXPs that will reach most or all of the regional access n The regional NOG is going to be the best place to make these contacts

Join the regional NOG and participate on mailing lists, meetings, etc.

Join these IXPs

Purchase connectivity into each IXP joined Either through leased lines, virtual circuits, or some other means

Build global connectivity

Find a set of global tier one transit providers that will provide connectivity

set of customers possible

Sign a contract with these providers for local access Generally the transit provider will work with local access providers to provide the

connection into your network

Build Routing


69/76


Once the IP address block, DNS records, and network connectionspeople need to be able to get to your network

This means routing! To get routing going

Peer with the appropriate route servers in each IXP

Peer with transit service providers There will be settlement fees involved in this step

Advertise (originate) your routes to your BGP peers But this isnt so simple

Why should they accept your routes?

RIRs, IRRs, and Routing


70/76


Each time a peering arrangementis made, the receiving SP is goingto check several places to makecertain the route is valid

IRRs

in-addr.arpa

whois

Local contacts (through NOGs, etc.)

NewContentProvider

TransitProvider

DNS/in-addr.arpa

whois

IRR



71/76


Many service providers also buildinbound route filters based on theIRR database

This allows automated changes infiltering based on allocations andother policies

This filtering tends to be loose (ratherthan strict), because of the voluntarynature of the IRR data set

NewContentProvider

TransitProvider

DNS/in-addr.arpa

whois

IRR



72/76


When setting up routing, you also want to filter out invalid routes wpossible This is partly just to be a good netizen

This is partlya matter of self-defense Many invalid routes are sources of spam and various attacks, so filtering

help prevent failures in this new service

There are tool kits available that build route filters from the IRR data set

If the new web site still isnt reachable Route views allow looking into the routing table at various places on the

If the routes arent correct, it becomes a matter of Finding out where the routes are being blocked

The IRR database might provide positive information about what is being filtered where

Finding the right contact information for the AS that is filtering the routes NOGs are very useful here

Contacting the AS and asking them to change their filters

Build Content


73/76


Finally, once

DNS is set up and running

Connectivity is planned and installed Routing is configured, and the correct routes have propagated

You can start building and selling content

The Net


74/76


Complete Your Online Session Evaluation


75/76


Maximize your Cisco Live exp

free Cisco Live 365 account. D

PDFs, view sessions on-dema

live activities throughout the y

Cisco Live 365 button in your

log in.

Give us your feedback andyou could win fabulous prizes.Winners announced daily.

Receive 20 Cisco Daily Challengepoints for each session evaluationyou complete.

Complete your session evaluationonline now through either the mobileapp or internet kiosk stations.


76/76

understanding the net

Documents