How the Internet Works Thomas M. Hadley Network Consultant 1-919-787-5999 Tom@LauraKnapp.com www.lauraknapp.com Laura Jeanne Knapp Technical Evangelist 1-919-224-2205 Laura@LauraKnapp.com IHOW_ 010
What We are Going to Cover Connecting to the Internet How Data Flows Routes through the Internet Web Page Construction Transmission Speed Internet Performance Tools Internet Service Provider can Help IHOW_ 020
What is this Cloud? Internet WEB Client (Browser) Needs information Internet Explorer WEB Server (HTTP Server) Stores information Apache IHOW_ 030
Typical Internet Access ISP 1 Internet ISP 2 Central Office Client -- Home - Dial, Cable TV, DSL Small Business - DSL, Cable, Frame Relay Client Server-- T1, T3, Sonet (OC n) Synchronous Optical Network Web Server IHOW_ 040
Internet History (BITNet) In the 1970 s Research Cornell Columbia Stage 1 Stage 2 I Stage 3 100,000,000 Experimental Growth Commercialization Penn State 10,000,000 1,000,000 10,000 DARPA Research Worldwide 1,000 100 10 University 1 1968 1973 1978 1983 1988 1994 1999 2004 IHOW_ 050
Typical Internet Access The closer your web server is to here, the happier your customers ISP 1 ISP 2 ISP 3 (Backbone) Local ISP Regional ISP Corporation University IHOW_ 060
Connection Points MCI SBC Verizon XO NAP PSINet AT&T UUNET Sprint Broadwing Global Crossing Earthlink ANS NAP C+W AT&T PSINet UUNET SBC NAP Verizon Peer Peer AT&T UUNET BellSouth NAP (Network Access Points) PEER Services Packet Exchange Points Interconnect agreement MAE (Metropolitan Area Exchanges) Made by individual networks CIX (Commercial Internet Exchanges) Dynamic NSF organized interconnect Cost is traffic based Defined paths of data between networks Most now use this Funded by the participants IHOW_ 070
World Wide Web - WWW URL Uniform Resource Locator The Internet address of the requested information www. = Server Name common.org = Domain Name Home Page Web page of information HTML HyperText Markup Language How WWW pages are written HTTP HyperText Transport Protocol Rules used to transfer information between client and WWW server IHOW_ 080
Domain Names and IP Addresses People use names Machines use numbers 10.128.25.36 www.widget.com 10.64.136.221 tom.widget.com DNS Server 10.1.1.5 DNS1.widget.com Internet 209.109.217.59 www.lauraknapp.com 10.192.68.36 laura.widget.com 10.32.5.200 dialin1.widget.com Local IP address book hosts.txt file Most IP applications look there first Limited and hard to keep updated Build a directory Works like the white pages except automated Each device has a unique IP address 32 bits (4 bytes) High order bits = the IP network number Network numbers must be registered Assigned by ISP (Internet Service Providers) Low order bits define individual devices IHOW_ 090
Structure of Domain Names Domain Name System is a worldwide hierarchical naming system common.org ROOT Servers mil gov com org net edu uk ca fr jp ch be TLD Top-Level Domain gte aa ibm bt ibm sony ibm ibm ibm ibm ibm ibm ibm Some countries have a two part TLD: Japan for example has.co.jp ibm.co.jp SLD Second-Level Domain Subdomain individually subdomain controlled by SLD (losing popularity) Replaced by subdirectories www.ibm.com/products/us/servers Your domain name is how the general public will know you and find you! Critical component IHOW_ 100
Added Some Root Domains Original: Regular:.com,.net,.org Special:.arpa,.edu,.gov,.mil International: Country controlled:.ca,.de,.it,.uk,.us, Island nations and others:.cc,.tv, New in 2002-03: These haven t taken off Regular:.biz,.info,.int Special:.aero,.coop,.museum I ve never seen one of these IHOW_ 110
Names Not on Local DNS Server A hierarchy of DNS servers exist 10.128.25.36 www.widget.com 10.32.57.55 www.lauraknapp.com 207.68.142.58 www.msn.com 210.44.1210.2 root-server.su 104.210.188.66 root-server.com 34.6.10.199 root-server.mil... dns server. nc.rr.com 1) www.lauraknapp.com 4) 209.109.217.59 2) www.lauraknapp.com Typical search order: 3) 209.109.217.59 1-Query internal DNS server Tom at home 2-If not on local server, it queries ISP DNS server 3-If not on ISP DNS server, it queries TLD server root-server.mil 204.70.152.52 www.aa.com. root-server.au root-server.com IHOW_ 120
Typical WHOIS Entry -- COMMON.ORG Common.org Registrant: Common (COMMON-DOM) 230 West Monroe Suite 220 Chicago, IL 60606 US Domain Name: COMMON.ORG Technical Contact: Globalcom Inc. dnsadmin@global-com.com 333 W WACKER DR STE 1500 CHICAGO, IL 60606-1226 US 312-895-8818 fax: 312-492-1414 Record expires on 11-Nov-2010. Record created on 19-Sep-2002. Database last updated on Administrative Contact: 5-Sep-2003 15:02:29 EDT. Manager, Information it_manager@common.org Manager Information Technology Domain servers in listed order: Common, A Users Group 230 West Monroe Suite 220 DNS1.NETWORKGCI.NET 216.146.70.3 Chicago, IL 60606 DNS2.NETWORKGCI.NET 216.146.72.3 US 999 999 9999 fax: 999 999 9999 Don t bother calling us IHOW_ 130
Typical IPBlock Inquiry -- COMMON.ORG 09/05/03 15:17:04 IP block www.common.org@whois.crsnic.net Trying 216.146.74.131 at ARIN Trying 216.146.74 at ARIN OrgName: Globalcom OrgID: GLCM Address: 333 W. Wacker #1500 City: Chicago StateProv: IL PostalCode: 60606 Country: US NetRange: 216.146.64.0-216.146.95.255 CIDR: 216.146.64.0/19 NetName: GLCM-1 NetHandle: NET-216-146-64-0-1 Parent: NET-216-0-0-0-0 NetType: Direct Allocation NameServer: DNS1.NETWORKGCI.NET NameServer: DNS2.NETWORKGCI.NET Comment: ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE RegDate: 2000-08-04 Updated: 2001-10-17 Note that this is a block of 32 Class C addresses IHOW_ 140
Typical IPBlock Inquiry -- COMMON.ORG -- Cont. TechHandle: IG79-ARIN TechName: Globalcom, Inc. TechPhone: +1-312-895-8818 TechEmail: abuse@global-com.com OrgAbuseHandle: IG79-ARIN OrgAbuseName: Globalcom, Inc. OrgAbusePhone: +1-312-895-8818 OrgAbuseEmail: abuse@global-com.com OrgTechHandle: IG79-ARIN OrgTechName: Globalcom, Inc. OrgTechPhone: +1-312-895-8818 OrgTechEmail: abuse@global-com.com The Domain Name here is not the same as the DNS Servers (Previous Page) # ARIN WHOIS database, last updated 2003-09-04 19:15 # Enter? for additional hints on searching ARIN's WHOIS database. IHOW_ 150
Analyzer Packet Trace to DNS Server ARP to find MAC addr of default router DNS query exploded here Random source port to DNS IP address of www.common.org IHOW_ 160
Response from ISP DNS Server Answer from DNS Domain is common.org IP address = 216.146.74.131 IHOW_ 170
25c Routing - Moving Information At each router the address is viewed and determination is made regarding next router in order to reach destination Post Office Post Office Each packet of information has an address...an IP address Post Office Post Office Post Office To: Mom Post Office Post Office Post Office Packets of information may take different paths between same source and destination pair depending on network conditions IHOW_ 180
Tracing Routes through the Internet Traces of network paths show how information travels through the Internet TRACEROUTE -- IP routine that maps out the path between a source and a destination: type tracert from a DOS command line TRACEROUTE - from another WEB site: traceroute.org lists hundreds around the world - trace back to yourself Also helpful if your firewall blocks Examples originate from a PC in Raleigh, North Carolina Home IHOW_ 190
Trace Route from Home to COMMON 09/05/03 23:08:51 Fast traceroute www.common.org address as Trace www.common.org (216.146.74.131) Same... 1 192.168.1.1 0ms No rdns 2 10.45.32.1 7ms No rdns in packet trace 3 24.25.1.65 8ms pos0-1.rlghncg-rtr1.nc.rr.com 4 66.26.33.161 8ms srp3-0.rlghnca-rtr1.nc.rr.com 5 66.26.33.177 7ms srp13-0.rlghncrdc-rtr1.nc.rr.com 6 24.93.64.9 8ms so0-1-1.rlghncrdc-rtr3.nc.rr.com 7 24.93.64.53 14ms son0-0-1.chrlncsa-rtr6.carolina.rr.com 8 66.185.132.33 14ms pop1-cha-p0-3.atdn.net 9 66.185.138.64 14ms bb1-cha-p0-0.atdn.net 10 66.185.152.29 22ms bb1-vie-p10-0.atdn.net 11 66.185.139.129 24ms pop2-vie-p0-2.atdn.net 12 66.185.145.6 25ms uunet.atdn.net Now MCI 13 152.63.43.174 24ms 0.so-2-2-0.XL2.DCA5.ALTER.NET 14 152.63.38.73 27ms 0.so-0-0-0.TL2.DCA6.ALTER.NET 15 152.63.13.22 60ms 0.so-6-0-0.TL2.CHI2.ALTER.NET 16 152.63.64.137 49ms 0.so-7-0-0.CL2.CHI1.ALTER.NET 17 152.63.68.221 46ms 556.ATM7-0.GW2.CHI1.ALTER.NET 18 157.130.96.98 53ms globalcom-gw.customer.alter.net 19 216.146.70.24 54ms No rdns) 20 No Response * * * Blocked at Global Com AOL Transport Data Network IHOW_ 200
www.ibm.com Tracing route to www.ibm.com [204.146.18.33] 1 204.146.248.22 2 165.87.96.126 3 29-48-br2.md.us.ibm.net [165.87.29.50] 4 colu35-0-br1.oh.us.ibm.net [165.87.35.1] 5 colu35-64-sf2.oh.us.ibm.net [165.87.35.75] 6 scha34-0-br2.il.us.ibm.net [165.87.34.2] 7 scha34-64-sf2.il.us.ibm.net [165.87.34.75] 8 www.ibm.com [204.146.18.33] From 1999 scha is Schaumburg, IL suburban Chicago ATT Global Network has multiple servers and uses load balancing software You may resolve to a different site IHOW_ 210
Accessed via RoadRunner Trace route to from RoadRunner on 7/20/2000 C:\WINDOWS>tracert www.ibm.com Tracing route to www.ibm.com [204.146.81.99] over a maximum of 30 hops: 1 10 ms 10 ms 10 ms 10.88.248.1 2 8 ms 9 ms 9 ms 24.25.1.57 3 9 ms 9 ms 9 ms 24.25.1.45 4 10 ms 11 ms 10 ms 24.93.64.93 5 12 ms 9 ms 10 ms 24.93.64.102 6 19 ms 21 ms 19 ms 24.93.64.45 7 22 ms 21 ms 22 ms 6-2unusedaddress.rr.com [24.128.6.2] 8 21 ms 22 ms 22 ms hebrt02-hebrt01.rr.com [24.218.188.186] 9 26 ms 23 ms 21 ms vnbrt01-arbrt01.rr.com [24.218.188.158] 10 39 ms 38 ms 38 ms 24.218.188.221 11 41 ms 40 ms 40 ms ccbrt01-ccbgsr01.rr.com [24.128.191.13] 12 ameritech-nap.ibm.net [206.220.243.48] reports: Destination net unreachable. Trace complete. Ameritech is Chicago site probably still in Shaumburg IHOW_ 220
Routed Around Failure Strange connection, hosted in Columbus, OH IHOW_ 230
Another Strange Connection 08/07/03 08:39:46 Fast traceroute www.ibm.com Trace www.ibm.com (129.42.18.99)... 1 10.45.32.1 8ms No rdns) 2 24.25.1.65 9ms pos0-1.rlghncg-rtr1.nc.rr.com 3 66.26.33.161 9ms srp3-0.rlghnca-rtr1.nc.rr.com 4 66.26.33.177 9ms srp13-0.rlghncrdc-rtr1.nc.rr.com 5 24.93.64.34 10ms son0-0-3.rlghncrdc-rtr3.nc.rr.com 6 24.93.64.53 17ms son0-0-1.chrlncsa-rtr6.carolina.rr.com 7 66.185.132.45 15ms pop1-cha-p4-0.atdn.net 8 66.185.132.40 14ms bb1-cha-p2-0.atdn.net 9 66.185.152.182 19ms bb1-atm-p6-0.atdn.net 10 66.185.147.209 20ms pop2-atm-p0-0.atdn.net 11 66.185.138.34 21ms level3.atdn.net = Level3 Communications 12 209.247.9.165 19ms so-4-1-0.bbr1.atlanta1.level3.net 13 209.247.11.17 28ms so-1-0-0.mpls1.raleigh1.level3.net 14 209.244.22.34 28ms gige6-0.hsipaccess1.raleigh1.level3.net 15 64.158.236.6 30ms unknown.level3.net 16 No Response * * * Note that this starts in Raleigh, goes to Charlotte, Atlanta, and back to Raleigh before being blocked rlgh=raleigh,nc chrl+cha= Charlotte,NC atdn=aol Transit Data Network ATM=Asynchronous Transfer Mode Qwest Gige=Gigabit Ethernet Mpls=Multi-Protocol Label Swapping IHOW_ 240
Old www.lauraknapp.com 1999 Used MAE East IHOW_ 250
Trace to lauraknapp.com ISP and hosting company reorganized Relocated this server from Dallas to Atlanta IP address changed, still the same domain name 2001 10/09/01 18:02:26 Fast traceroute www.lauraknapp.com Trace www.lauraknapp.com (64.82.99.60)... 1 10.41.32.1 11ms No rdns 2 24.25.1.57 17ms No rdns 3 66.26.33.161 27ms rdu26-33-161.nc.rr.com 4 66.26.33.180 22ms rdu26-33-180.nc.rr.com 5 66.26.33.177 15ms rdu26-33-177.nc.rr.com 6 12.124.59.13 30ms No rdns 7 12.123.21.2 41ms gbr1-p70.attga.ip.att.net 8 12.122.1.169 31ms gbr3-p70.attga.ip.att.net 9 12.123.20.249 42ms ggr1-p360.attga.ip.att.net 10 192.205.32.130 32ms att-gw.atl.uu.net 11 152.63.82.194 61ms 179.at-6-0-0.XR2.ATL5.ALTER.NET 12 152.63.80.205 44ms 292.at-6-0-0.XR2.ATL1.ALTER.NET 13 146.188.233.213 32ms 194.ATM4-0.GW6.ATL3.ALTER.NET 14 157.130.29.194 39ms foundry-86-p3-2.atl2.mindspring.net 15 207.69.223.132 38ms foundry-32-ve3.atl2.mindspring.net 16 64.82.99.60 38ms lauraknapp.com IHOW_ 260
Web Page Construction Internet Constructed by the browser (client) from files sent by the server HTML file Hypertext Markup Language Text, headings, etc. URLs (Uniform Resource Locators) for click areas Formatting instructions Fully qualified names of GIF, JPG or other graphics files to load JAVA scripts or programs IHOW_ 270
Why Do You Care? This page has 50 files; 293,783 bytes: HTML - 3 files - 50,256 bytes GIF - 31 files - 43 to 31,306 bytes each JPG - 15 files - 1,939 to 11,566 bytes each Each file a TCP connection?? 4 parallel TCP connections: 921 downstream receipts 856 transmissions With overhead: 450,505 bytes received 62,526 bytes transmitted IHOW_ 280
Some Web Designers Do Care This page has 4 files: HTML - 4,567 bytes 2 GIF + 1 JPG files - 10,787 bytes total Each file is a TCP connection -- Loads fast, even from a small provider IHOW_ 290
Dial Transmission Speeds Ameritech PacBell Verizon XO NAP AT&T UUNET Global Crossing Earthlink ANS NAP C+W AT&T PSINet UUNET PSINet Sprint Broadwing Peer SBC AT&T NAP BellSouth Verizon UUNET Peer Accumulated statistics from dial modem experience, connecting at 44,000 bps (56K bps modem) ISP is ATT Global Network Windows PPPLOG file Captured hundreds of sessions Maximum = 22,900 bps Median = 3,900 bps Minimum = 570 bps Average = 6,322 bps IHOW_ 300
Cable Modem Speed Internet Head End Fiber Cable Modem Drop Line 10BaseT Splitter Fiber Node Coax Cable Experience is with Road Runner (Time Warner) Subnet was 96 addresses, then 1024, now 2048 About ½ respond Across the Internet 400-1900 Kbps 2001 average was 800 Kbps Today average is 1.5 Mbps Local Road Runner 1.8-2.3 Mbps IHOW_ 310
Asymmetric Connection Client to server (upstream): 13,845 bytes, 137 trans. 23,698 bytes, 545 trans. Server to client(downstream): 90,413 bytes, 196 trans. 394,496 bytes, 787 trans. Acknowledgments, next file requests Asymmetric connection Client Not just transmission speed, but turns IHOW_ 320
Web User Expectations Session abandonment: 7 seconds = 5% 8 seconds = 30% What can you do? Faster server Faster local connection ISP closer to core Content delivery network Compress HTML Stay below 40 Kbytes IHOW_ 330
Top 30 U.S. Internet Routes - 2002 Copyright TeleGeography, Inc. 2002 IHOW_ 340
Overlay of Competing U.S. Fiber Networks - 2002 Private Line 3 or more states 100 Mbps or more You don t want to be where they aren t IHOW_ 350
Tracking ISP Activities www.keynote.com Home page performance from probes in 50 cities Overview performance of popular sites Net performance ISP to ISP www.xaffire.com Matrix Information and Directory Services Now part of Xaffire Inc. Internet Weather Report IP address localization Demographic information Status of ISP s, packet exchanges www.boardwatch.com www.cybergeography.com Magazine about ISPs Deals, upgrades, hardware Business of ISPs Atlas of maps of the Internet Many different views, collected from across the internet, with links IHOW_ 360
Reachability% Matrix Internet Average IHOW_ 370
Internet Traffic Report Time in ms 100-150 IHOW_ 380
Keynote Performance Averages IHOW_ 390
Windows Tools Visual Route www.visualroute.com Vital Agent Company purchased by Lucent Not maintained but still available IHOW_ 400
Internet Outages Sprint Internet Backbone MCI Internet Backbone Chicago Bridge Indy ISP Houston ISP User Indianapolis Indiana Trying to access www.comspace.com Houston Texas Web site WWW.ComSpace.com Internet reliability is challenging 1) Multiple domain name registrars 2) Complex network paths 3) Multiple points of failure 4) No single owner 5) Hacker attacks, such as syn floods 6) Varying levels of service from different ISPs You do not control these items IHOW_ 410
Tracking Real Time NET Problems IHOW_ 420
Outage Reporting This is my Raleigh, NC RoadRunner IHOW_ 430
ISP Service Offerings Support and Services Education and training Consulting Implementation Network management User services Design and needs assessment Pricing Direct access lines Port costs Dial access lines Traffic costs Premium services Applications charges User registration User administration Service Level Agreement Availability Dropped connection Latency Throughput Time to logon Access links Capacity (aggregate) Exchange point access How many? How fast? Redundancy? Utilization statistics Guaranteed service levels IHOW_ 440
Internet : Unlimited Connections IHOW_ 450
References www.tucows.com... Program downloads, multiple platforms www.pcworld.com...windows program downloads netgroup-serv.polito.it...ip packet capture (and analyzer) ported to Windows www.samspade.org...many Internet tools, v1.14 www.tnsoft.com...even more tools, v3.2.1, US$20 www.traceroute.org...trace from hundreds of sites www.visualroute.com... Traceroute map + ID, v7.1, US$50 Vital Signs...Not supported, download available www.cybergeography.com..internet connectivity as maps www.telegeography.com...internet bandwidth and cost www.boardwatch.com...isp business report www.keynote.com...internet performance www.xaffire.com... General is free, your site is fee 2003/09 IHOW_ 460