Network Application Development
Chapter 5: Tunneling and Application Gateway
Harbin Institute of Technology, School of Computer Science, Li Quanlong (李全龙)

Chapter goal:
- Multiprotocol environment
- Mixing network technologies
- Encapsulation and tunneling
- Clients and servers in constrained environments
- Application gateways
- Application gateway examples

Multiprotocol environment
- Not all machines provide complete TCP/IP support.
- Not all organizations use TCP/IP exclusively to interconnect computers.
- Most large organizations have several groups of machines, with each group using its own protocol suite, because:
  - Networking has evolved slowly
  - Vendors promoted proprietary network systems
  - TCP/IP not always available
  - Minimize expense
  - User habits
- Chief disadvantages:
  - Duplication of effort
  - Limitations of interoperability

[Figure labels: hosts using TCP/IP (Ethernet 1); hosts using TCP/IP (Ethernet 2); wide area network that uses ATM; hosts using ATM]

Mixing network technologies
- A TCP/IP internet consists of a set of hosts interconnected by IP gateways (routers).
- Other internets use other protocols (e.g. DECNET, SNA…).
- It should be possible to substitute any transport-level switching service in place of a single physical link in another packet switching system.
- Many internets have been built that use switched technologies instead of physical networks. For example:
[Figure labels: hosts using TCP/IP (Ethernet 1); hosts using TCP/IP (Ethernet 2); IP gateway; IP gateway; wide area network that uses ATM; hosts using ATM]

- From the view of the IP gateways, ATM provides a link.
- From the view of ATM, the software on the two IP gateways acts like application software.

Dynamic circuit allocation
- The static scheme needs N*(N-1)/2 circuits.
- Each circuit requires both hardware and software resources.
- The dynamic scheme allocates circuits on demand.

Encapsulation and tunneling
- Encapsulation refers to how the network interface uses packet switching hardware.
- Tunneling refers to the use of a transport network service to carry packets or messages from another service.
- IP encapsulates each datagram in a packet when it uses the hardware directly.
- IP creates a tunnel when it uses a high-level transport delivery service to send datagrams from one point to another.
- Key difference: whether IP transmits datagrams in hardware packets or uses a high-level transport service.

Tunneling through an IP internet
- Most tunneling now occurs because vendors use IP protocols to deliver packets from non-TCP/IP protocols.
- IP now provides the widest connectivity among the computers at most organizations.
- Software is currently available that uses IP to carry IPX, SNA and other high-level protocol traffic.
- An IP network can also be used to carry traffic for new protocols, to allow designers to build and debug new protocols.
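
Tunneling as defined above, carrying another protocol's packets as the payload of a high-level IP transport service (UDP here), shown as an added example that is not part of the course material. The 6-byte tunnel header, the protocol ids and MAX_INNER are constructed for illustration; the receiving endpoint checks the sender and the length field before handing the inner packet on.

```python
import socket
import struct

# Hypothetical tunnel header, constructed for this example (not a real protocol):
# 2-byte magic, 2-byte inner-protocol id, 2-byte inner length, network byte order.
MAGIC = 0x5455
HEADER = struct.Struct("!HHH")
INNER_PROTOCOLS = {1: "IPX", 2: "SNA"}  # ids are constructed
MAX_INNER = 1400  # assumed limit so the outer datagram is not fragmented


class TunnelError(ValueError):
    """Raised when a datagram is not a valid tunnel packet."""


def encapsulate(proto_id: int, inner: bytes) -> bytes:
    """Wrap one foreign-protocol packet as the payload of a UDP datagram."""
    if proto_id not in INNER_PROTOCOLS:
        raise TunnelError("unknown inner protocol")
    if len(inner) > MAX_INNER:
        raise TunnelError("inner packet too large")
    return HEADER.pack(MAGIC, proto_id, len(inner)) + inner


def decapsulate(datagram: bytes, peer, allowed_peers) -> tuple:
    """Validate a received datagram and return (protocol name, inner packet)."""
    if peer not in allowed_peers:
        raise TunnelError("datagram from unexpected tunnel endpoint")
    if len(datagram) < HEADER.size:
        raise TunnelError("truncated header")
    magic, proto_id, length = HEADER.unpack_from(datagram)
    if magic != MAGIC or proto_id not in INNER_PROTOCOLS:
        raise TunnelError("not a tunnel packet")
    if length != len(datagram) - HEADER.size:
        raise TunnelError("length field does not match payload")
    return INNER_PROTOCOLS[proto_id], datagram[HEADER.size:]


def loopback_demo(inner: bytes) -> tuple:
    """Carry one constructed packet between two UDP sockets on 127.0.0.1."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as rx, \
         socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as tx:
        rx.bind(("127.0.0.1", 0))
        tx.bind(("127.0.0.1", 0))
        rx.settimeout(2)
        tx.sendto(encapsulate(1, inner), rx.getsockname())
        datagram, peer = rx.recvfrom(2048)
        return decapsulate(datagram, peer, {tx.getsockname()})


if __name__ == "__main__":
    print(loopback_demo(b"constructed IPX packet bytes"))
```
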

Application-level tunneling between clients and servers
- Application-level tunneling makes it possible for clients and servers to use IP protocols to communicate across a non-IP network.
- This requires a socket simulation library.

[Figure labels: UDP client app.; socket simulation library; operating system with support for network system (shown twice, one stack per machine); network system]

Tunneling, encapsulation, and dialup phone lines
- SLIP and PPP have been designed to send IP across a dialup channel.
- Should IP transmission across a dialup connection be viewed as a form of tunneling or encapsulation? Two opinions.

Clients and servers in constrained environments
- The reality of multiple technologies
  - Not all computers have direct access to the Internet
  - Access limitations can complicate clients and servers
  - Economic, political and technical reasons
  - Result in incompatible systems without interoperability
- Computers with limited functionality
- Connectivity constraints that arise from security
  - Partition computers into secure and unsecure subsets.
  - Computers in one partition cannot directly access services available on computers in the other partition.

Using application gateways
- A single, powerful technique to overcome connectivity constraints: the application gateway.
- Adding application programs that run on intermediate machines
  - Relay information
- The intermediate machine is called a gateway machine.
- For example, a mail gateway

Mail gateway
[Figure labels: TCP/IP internet; USENET network; OS with both TCP/IP and UUCP support; app. gateway; host on the TCP/IP internet; host on the USENET network; interface to TCP/IP mail system; interface to UUCP mail system]

A comparison of application gateways and tunneling

Application gateway, advantages (+):
- Works without modifying the computer's OS
- Can be built using conventional programming tools
- Does not require any change to the underlying protocol software
- The site can use standard client and server programs
- Allows all existing network systems to continue operation undisturbed
- Managers and users do not need to learn about new technologies
- No need to change any physical network connections

Application gateway, disadvantages (-):
- A separate application gateway program for each service
- Requires additional hardware resources
- May need to add network connections
- Introduces computational delay
  - Clients may time out and resend a message

Tunneling, advantages (+):
- Does not need any changes when new services appear
- Can be used for any application service
- Provides uniformity

Tunneling, disadvantages (-):
- Modify the OS on the gateway
- Modify software on hosts
- Impact on users
  - A change in the underlying network protocols usually results in changes to the client software with which users interact.

Application gateways and limited functionality systems
- The OS of a PC often does not support concurrent processing
- This limits client-server interaction
- Use an app gateway

[Figure labels: IP gateway; OS; mail server; app. gateway; large computer that runs both a mail server and an application gateway; to rest of internet; small hosts incapable of running a mail server]

Application gateways used for security
- Many organizations choose an application gateway to solve the problem of security.

[Figure labels: IP gateway; OS; app. gateway; a computer that runs the site's app gateway for remote login]

- The application gateway controls remote access.
- The IP gateway filters remote login packets except from or to the app gateway.
- Conventional hosts are prohibited from sending remote login packets except through the app gateway.
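
The remote login policy above, written out as an added example that is not part of the course material: a stateless filter at the IP gateway that passes remote login traffic only when one end is the application gateway, and reports which hosts tried to go around it. The addresses are constructed, and TELNET (TCP 23) and rlogin (TCP 513) are assumed to be the site's remote login services.

```python
from dataclasses import dataclass
from ipaddress import ip_address

# Constructed address (documentation range); the slide names no addresses.
APP_GATEWAY = ip_address("192.0.2.10")
# Assumption: the site's remote login services are TELNET and rlogin.
REMOTE_LOGIN_PORTS = {23, 513}


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str
    sport: int
    dport: int


def is_remote_login(p: Packet) -> bool:
    """Match either direction of a remote login connection."""
    return p.proto == "tcp" and bool({p.sport, p.dport} & REMOTE_LOGIN_PORTS)


def verdict(p: Packet) -> str:
    """Decision the IP gateway takes for one packet."""
    if not is_remote_login(p):
        return "permit: not remote login"
    if APP_GATEWAY in (ip_address(p.src), ip_address(p.dst)):
        return "permit: via app gateway"
    return "deny: bypasses app gateway"


def bypass_sources(packets) -> set:
    """Hosts whose remote login packets were denied (candidates for follow-up)."""
    return {p.src for p in packets if verdict(p).startswith("deny")}


# Constructed sample traffic seen at the IP gateway.
SAMPLE = [
    Packet("198.51.100.7", "192.0.2.10", "tcp", 40112, 23),  # outside -> app gateway
    Packet("192.0.2.10", "198.51.100.7", "tcp", 23, 40112),  # reply from app gateway
    Packet("198.51.100.7", "192.0.2.55", "tcp", 40113, 23),  # outside -> host directly
    Packet("192.0.2.77", "203.0.113.5", "tcp", 1022, 513),   # inside host -> outside
    Packet("192.0.2.77", "203.0.113.5", "tcp", 51000, 80),   # unrelated web traffic
]

if __name__ == "__main__":
    for pkt in SAMPLE:
        print(pkt.src, "->", pkt.dst, verdict(pkt))
```
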

Application gateways and the extra hop problem
[Figure labels: IP gateway; to rest of internet; IP gateway; app gateway machine; to rest of internet]

Application gateway examples

Web-based application gateway
[Figure labels: user computer; browser; gateway computer; Web server; CGI program; FTP computer; FTP server; disk; HTTP used; FTP used]

SLIRP gateway
[Figure labels: dialup phone system; OS with support for TCP/IP; SLIRP gateway; home computer using SLIP or PPP; host on the TCP/IP Internet; interface to dialup modem; standard socket interface to TCP/IP]

Chapter 5: Tunneling and Application Gateway
We have learned:
- Multiprotocol environment
- Mixing network technologies
- Encapsulation and tunneling
- Clients and servers in constrained environments
- Application gateways
- Application gateway examples