Simple (one packet) ) Web Page Retrieval Time SYN. Performance drawbacks. Time. Bigger (7packets) Web Page. Shorten Page Retrieval



Similar documents
Final for ECE374 05/06/13 Solution!!

Transport Layer Protocols

1 Introduction: Network Applications

Protocolo HTTP. Web and HTTP. HTTP overview. HTTP overview

Web. Services. Web Technologies. Today. Web. Technologies. Internet WWW. Protocols TCP/IP HTTP. Apache. Next Time. Lecture # Apache.

First Midterm for ECE374 03/09/12 Solution!!

CS640: Introduction to Computer Networks. Applications FTP: The File Transfer Protocol

COMP 3331/9331: Computer Networks and Applications. Lab Exercise 3: TCP and UDP (Solutions)

Lecture 8a: WWW Proxy Servers and Cookies

Question: 3 When using Application Intelligence, Server Time may be defined as.

Divide and Conquer Real World Distributed Port Scanning

D. SamKnows Methodology 20 Each deployed Whitebox performs the following tests: Primary measure(s)

Advanced Higher Computing. Computer Networks. Homework Sheets

Introduction to Computer Security Benoit Donnet Academic Year

Single Pass Load Balancing with Session Persistence in IPv6 Network. C. J. (Charlie) Liu Network Operations Charter Communications

Mobile Communications Chapter 9: Mobile Transport Layer

20-CS X Network Security Spring, An Introduction To. Network Security. Week 1. January 7

Firewalls. Basic Firewall Concept. Why firewalls? Firewall goals. Two Separable Topics. Firewall Design & Architecture Issues

TCP and Wireless Networks Classical Approaches Optimizations TCP for 2.5G/3G Systems. Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme

Internet Content Distribution

Project #2. CSE 123b Communications Software. HTTP Messages. HTTP Basics. HTTP Request. HTTP Request. Spring Four parts

Internet Control Protocols Reading: Chapter 3

Networking Test 4 Study Guide

Why SSL is better than IPsec for Fully Transparent Mobile Network Access

Computer Networking LAB 2 HTTP

CS5008: Internet Computing

Network Technologies

Lecture 8a: WWW Proxy Servers and Cookies

Improving DNS performance using Stateless TCP in FreeBSD 9

Overview. Securing TCP/IP. Introduction to TCP/IP (cont d) Introduction to TCP/IP

Key Components of WAN Optimization Controller Functionality

Solution of Exercise Sheet 5

SSL VPN Technology White Paper

Securing Networks with PIX and ASA

Computer Networks - CS132/EECS148 - Spring

Content Distribution Networks (CDN)

B6: GET /started/with/ HTTP Analysis

Attack Lab: Attacks on TCP/IP Protocols

Firewall Configuration. Firewall Configuration. Solution Firewall Principles

Advanced Networking Technologies

Computer Networks. Lecture 7: Application layer: FTP and HTTP. Marcin Bieńkowski. Institute of Computer Science University of Wrocław

Linux Network Security

Load Balancing and Sessions. C. Kopparapu, Load Balancing Servers, Firewalls and Caches. Wiley, 2002.

Understanding Slow Start

Network Security - ISA 656 Application Firewalls

TELE 301 Network Management. Lecture 17: File Transfer & Web Caching

Firewalls. Firewalls. Idea: separate local network from the Internet 2/24/15. Intranet DMZ. Trusted hosts and networks. Firewall.

First Midterm for ECE374 02/25/15 Solution!!

Measuring the Evolution of Transport Protocols in the Internet. Alberto Medina Mark Allman Sally Floyd

Lecture 2-ter. 2. A communication example Managing a HTTP v1.0 connection. G.Bianchi, G.Neglia, V.Mancuso

Internet Technologies. World Wide Web (WWW) Proxy Server Network Address Translator (NAT)

BASIC ANALYSIS OF TCP/IP NETWORKS

Networks: IP and TCP. Internet Protocol

We will give some overview of firewalls. Figure 1 explains the position of a firewall. Figure 1: A Firewall

Network Security. Chapter 3. Cornelius Diekmann. Version: October 21, Lehrstuhl für Netzarchitekturen und Netzdienste Institut für Informatik

Blue Coat Security First Steps. Solution for HTTP Object Caching

Network Security TCP/IP Refresher

Distributed Systems. 23. Content Delivery Networks (CDN) Paul Krzyzanowski. Rutgers University. Fall 2015

HTTP. Internet Engineering. Fall Bahador Bakhshi CE & IT Department, Amirkabir University of Technology

Lecture Objectives. Lecture 07 Mobile Networks: TCP in Wireless Networks. Agenda. TCP Flow Control. Flow Control Can Limit Throughput (1)

CIT 380: Securing Computer Systems

Chapter 8 Security Pt 2

Session Hijacking Exploiting TCP, UDP and HTTP Sessions

The Hyper-Text Transfer Protocol (HTTP)

COMP 361 Computer Communications Networks. Fall Semester Midterm Examination

Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ MEng. Nguyễn CaoĐạt

The Web History (I) The Web History (II)

Ethernet. Ethernet. Network Devices

Industrial Network Security and Connectivity. Tunneling Process Data Securely Through Firewalls. A Solution To OPC - DCOM Connectivity

FAQs for Oracle iplanet Proxy Server 4.0

Stateful Firewalls. Hank and Foo

How To Protect A Dns Authority Server From A Flood Attack

Internet Content Distribution

Measuring IP Performance. Geoff Huston Telstra

21.4 Network Address Translation (NAT) NAT concept

Lecture 23: Firewalls

Per-Flow Queuing Allot's Approach to Bandwidth Management

Efficient End-to-End Mobility Support in IPv6

Course Overview: Learn the essential skills needed to set up, configure, support, and troubleshoot your TCP/IP-based network.

How To Understand A Network Attack

Recent advances in transport protocols

Network and Services Discovery

First Midterm for ECE374 03/24/11 Solution!!

Middleboxes. Firewalls. Internet Ideal: Simple Network Model. Internet Reality. Middleboxes. Firewalls. Globally unique idenpfiers

Midterm Exam CMPSCI 453: Computer Networks Fall 2011 Prof. Jim Kurose

Homework 2 assignment for ECE374 Posted: 02/21/14 Due: 02/28/14

Using IPM to Measure Network Performance

Frequently Asked Questions

Chapter 8 Network Security

Lecture 33. Streaming Media. Streaming Media. Real-Time. Streaming Stored Multimedia. Streaming Stored Multimedia

Port Scanning. Objectives. Introduction: Port Scanning. 1. Introduce the techniques of port scanning. 2. Use port scanning audit tools such as Nmap.

Final exam review, Fall 2005 FSU (CIS-5357) Network Security

Port Scanning and Vulnerability Assessment. ECE4893 Internetwork Security Georgia Institute of Technology

This sequence diagram was generated with EventStudio System Designer (

Distributed Systems. 25. Content Delivery Networks (CDN) 2014 Paul Krzyzanowski. Rutgers University. Fall 2014

ΕΠΛ 674: Εργαστήριο 5 Firewalls

TECHNICAL CHALLENGES OF VoIP BYPASS

IxLoad - Layer 4-7 Performance Testing of Content Aware Devices and Networks

Content Inspection Director

ICOM : Computer Networks Chapter 6: The Transport Layer. By Dr Yi Qian Department of Electronic and Computer Engineering Fall 2006 UPRM

Transcription:

Complex (many objects) ) Web Page with HTTP/1.0 Why HTTP needed extensions? A taste of HTTP v1.1 additions HTTP v1.1: introduces many complexities no longer an easy protocol to implement Data Transm. Time (TT) Data Transm. Time conn. 1 conn. 2 Time Retrieval 2n RTT + ΣTT i Simple (one packet) ) Web Page +GET +FIN Propagation Time + Packet Transmission Time (PTT) FIN RTT RTT 2RTT + PTT Performance drawbacks Mandatory roundtrips three-way handshake get request, data return new connections for each image (parallelize) lots of extra syn or syn/ack packets Slow-start penalties Significantly affects fast networks Lots of connections to server spatial/processing overhead in server ( stack) unfairness because of loss of congestion control info +GET +FIN Bigger (7packets) Web Page + Data Transmission Time > 7 Packet Transmission Time FIN Slow Start! (2RTT) + ( Data Trasm. Time) Shorten Page Retrieval with HTTP/1.0 After the retrieval of the html source, start many parallel connections to download the objects embedded Time retrieval = 4 RTT + TT 1 + max(tt i ) Overhead to manage n connections and slow starts significantly affect performance 1

Persistent HTTP More complex handshake conn. 1 conn. 2... One connection Persistent HTTP Move task of closing connection from to Client how does a client know when document is returned? Content-Length: header field: In HTTP v1.0 used only in POST requests» When client needs to send a body entity In HTTP v1.1 must be used also in response» To inform the client that retrieval is finished when does the connection get dropped? idle outs on server side client drops connections server needs to reclaim resources Performance improvements Persistent HTTP in HTTP/1.0, add Connection: Keep-Alive\r\n header in HTTP/1.1, P-HTTP built in Does it help? server-side efficiency memory consumption at server is the bottleneck as well known by Denial Of Service attackers allows multiple requests on one connection Faster retrieval Pipelining Chunking HTTP v1.0 connection dropped = lost data no chunking HTTP v1.1 Concept of chunking Range: bytes=300-304,601-993 useful for broken connection recovery (like FTP recovery) chunked transfer encoding segmenting of documents don t have to calculate entire document length. useful for dynamic query responses.. Pipelining Multi-homing without... with figure 1 figure 2... Multi-homing: 1 IP address with multiple DNS names ESSENTIAL for commercial deployment Small companies need a web presence With proper naming (e.g. www.joemushrooms.it) But don t have ICT resources to administer on their own» Solution: web-hosting companies The problem of multi-homing Web-host company: www.bianchihosting.it IP=200.100.100.1 Customer1: www.joemushrooms.it Customer2: www.frankbeans.it Try resolving URLs: http://www.bianchihosting.it/ http://200.100.100.1:80/index.htm http://www.joemushrooms.it/ http://200.100.100.1:80/index.htm http://www.frankbeans.it/ http://200.100.100.1:80/index.htm ALL EQUAL! No way to differentiate them unless using different ports, but solution hardly appreciated by customers 2

Multi-homing solution Host: <web server name>: : Host: www.joemushrooms.it Additional header command in the HTTP request Mandatory sent by client Initially a patch in HTTP v1.0 Fundamental feature in HTTP v1.1 Addressing: Need a further level of indirection Process listening on port 80 shall not be a web server but a process redirecting the HTTP request to the proper server, based on host: content (virtual host) Addressing chain UDP SW IP address app app IP SW web1 SW Virtual host port (80) Protocol field webn Host: (web1) User Agent Caching Fundamental in reducing traffic Client Proxy and Gateway may cache. Tunnel cannot. Origin HTTP operation with intermediaries Three form of intermediaries: Tunnel intermediary program acting as a blind relay between two connections. once active, a tunnel is not considered a y to the HTTP communication (does not understands HTTP) e.g: firewall, Network Address Translator, etc Proxy intermediary program acting as both server & client (see later). Gateway server acting as intermediary for some other server. unlike a proxy, a gateway receives requests as if it were the origin server for the requested resource; the requesting client may not be aware that it is communicating with a gateway. e.g. portals Why caching? reduce latency reduce data traffic distribute (reduce) requests HTTP: hierarchical caching Client cache Cache Cache Cache User Agent Proxy An intermediary program which acts as both a server and a client for the purpose of making requests on behalf of other clients. Usage: client-side portal through firewalls; helper applications to handle requests not supported by user agent Client Transparent proxy: does not modify request or response beyond authentication and identification Non Transparent proxy: provides added services (media transformation, anonimity filtering, protocol reduction) Origin Some problems with caching Consistency cached pages might not be the most recent... Security what happens if I infiltrate a cache? servers/clients don t even know this is happening e.g.: AOL used to have a very stale cache, but has since moved to Inktomi Ad clickthrough counts how does Yahoo know how many s you accessed their pages, or more importantly, their ads? 3

Additional http v1.1 features (mainly for caching purposes) HTTP/1.0: lots of problem associated to caching Very poor cache consistency models HTTP/1.1: very improved caching model Refer to RFC 2616 for details (too long to deal with here) Additional header commands: Age: <seconds, date> sender's estimate of the amount of since the response (or its revalidation) was generated at the origin server Etag: fa898a3e3 unique tag to identify document (strong or weak forms) Cache-control: <command> marking documents as private (don t keep in caches) +GET Web Page Retrieval + ST PT 3 RTT + 3 PT + ST Caching saving some numerical examples PT 1 = 12 ms, ST 1 = 20 ms (1) = 3*100+3*12+20=356ms 1 Add a cache Response Time (ST 1 ) = 20ms Assume 3*1460B pages 1500B packet size, 40B header Consider only bottleneck transmission ST 2 = 20ms PT 2 0ms (2) = 3*5+3*0+20=35ms 4

Congestion Delay (CD 1 ) Average = 0.2*35+0.8*356= 292 ms PT 1 = 12 ms QD 1 =? 64 ms saving! (18%) More insight Queueing Delay (QD 1 ) Time (ST 1 ) = 20ms Assume 3*1500B pages Bits of Queueing Theory M/M/1/ interarrival and packet size exponentially distributed packet size R = average rate C = link capacity interarrivals C QD +GET Web Page Retrieval + ST R Bits of Queueing Theory M/M/1/ C QD PT 3 RTT + 3 QD + 3 PT + ST R/C = offered load, an important quantity in queueing theory R / C N = Average packet # in the queue 1 R / C N QD = Average queueing delay (if C packet/s) C 1 1/ C QD + = Average service C 1 R / C 5

N,QD Bits of Queueing Theory M/M/1/ PT 1 = 12 ms ST 1 = 20 ms QD 1 =? 1 R/C 36kbit/request 21 request/s 741kbps ρ=74% QD 1 =34ms (1) = 3*100+3*34+3*12+20=458ms < 884ms QD 1 =? 36kbit/request 26 request/s RTT Congestion Delay 936kbps R/C=93.6% QD 1 =176ms = 3*100+3*176+3*12+20=884ms > 356ms (1) = 35ms (1) = 456ms Average = 0.2*35+0.8*456 = 372ms 512 ms saving! (58%) ST 2 = 20ms PT 2 0ms QD 2 0ms (2) = 3*5+3*0+3*0+20=35ms Some HTTP examples Download an image Need for Host in http/1.1 Connection: permanent/close HTTP stateless Conditional GET 6

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information