header space analysis
play

Header Space Analysis Hauptseminar: Innovative Internettechnologien - PowerPoint PPT Presentation

Nov 14, 2022 •380 likes •738 views

Lehrstuhl Netzarchitekturen und Netzdienste Institut fr Informatik Technische Universitt Mnchen Formal Methods: Header Space Analysis Hauptseminar: Innovative Internettechnologien und Mobilkommunikation Benedikt Jaeger 23.5.2014

  1. Lehrstuhl Netzarchitekturen und Netzdienste Institut für Informatik Technische Universität München Formal Methods: Header Space Analysis Hauptseminar: Innovative Internettechnologien und Mobilkommunikation Benedikt Jaeger 23.5.2014

  2. Content  Header in Messages  Composition of Messages  Different header  Header Space Analysis  Headerspace, Networkspace  Transfer functions  Reachability  Example IITM: Formal Methods: Header Space Analysis 2

  3. Composition of Messages Header Payload  Header : information about the packet  Payload : actual Data IITM: Formal Methods: Header Space Analysis 3

  4. Header  IPv4-Header Version IHL TOS Total Length Identification Flags Fragment Offset TTL Protocol Header Checksum Source Address Destination Address Options / Padding (optional)  IPv6-Header  MAC-Header  ARP Request / Reply  ICMP Echo Request / Reply, TTL Exceeded  TCP- / UDP-Header (Headercontent is from the script of „ Grundlagen: Rechnernetze und Verteilte Systeme “ in the SS 2013, TUM ) IITM: Formal Methods: Header Space Analysis 4

  5. Header  IPv4-Header  IPv6-Header Version Traffic Class Flow Label Payload Length Next Header Hop Limit Source Address  MAC-Header Destination Address  ARP Request / Reply  ICMP Echo Request / Reply, TTL Exceeded  TCP- / UDP-Header (Headercontent is from the script of „ Grundlagen: Rechnernetze und Verteilte Systeme “ in the SS 2013, TUM) IITM: Formal Methods: Header Space Analysis 5

  6. Header  IPv4-Header  IPv6-Header  MAC-Header Destination Hardware Address Destination Hardware Address Source Hardware Address Source Hardware Address Type  ARP Request / Reply  ICMP Echo Request / Reply, TTL Exceeded  TCP- / UDP-Header (Headercontent is from the script of „ Grundlagen: Rechnernetze und Verteilte Systeme “ in the SS 2013, TUM) IITM: Formal Methods: Header Space Analysis 6

  7. Header  IPv4-Header  IPv6-Header  MAC-Header  ARP Request / Reply Hardware Type Protocol Type Hw Addr. Length P. Addr. Length Operation Sender Hardware Address Sender Hardware Address Sender Protocol Address Sender Protocol Address Target Hardware Address Target Hardware Address Target Protocol Address  ICMP Echo Request / Reply, TTL Exceeded  TCP- / UDP-Header (Headercontent is from the script of „ Grundlagen: Rechnernetze und Verteilte Systeme “ in the SS 2013, TUM) IITM: Formal Methods: Header Space Analysis 7

  8. Header  IPv4-Header  IPv6-Header  MAC-Header  ARP Request / Reply  ICMP Echo Request / Reply, TTL Exceeded Type Code Checksum Identifier Sequence Number Data (optional)  TCP- / UDP-Header (Headercontent is from the script of „ Grundlagen: Rechnernetze und Verteilte Systeme “ in the SS 2013, TUM) IITM: Formal Methods: Header Space Analysis 8

  9. Header  IPv4-Header  IPv6-Header  MAC-Header  ARP Request / Reply  ICMP Echo Request / Reply, TTL Exceeded  TCP- / UDP-Header Source Port Destination Port Sequence Number Acknowledgement Number Offset Reserved Window Checksum Urgent Pointer Options Source Port Destination Port Length Checksum (Headercontent is from the script of „ Grundlagen: Rechnernetze und Verteilte Systeme “ in the SS 2013, TUM) IITM: Formal Methods: Header Space Analysis 9

  10. Header Space Analysis Represent reality in a model Reality Model Router, switch, NAT, firewall, … Middlebox (or simply switch) Packet Headerbits Position in Network Unique Ports IITM: Formal Methods: Header Space Analysis 10

  11. Header Space Analysis 𝐼 ⊆ 0,1 𝑀  Headerspace  Point in Headerspace ℎ 00110010101010100101001010010010 𝑂 ⊆ 0,1 𝑀 × 0, … , 𝑄  Networkspace  Point in Networkspace (ℎ, 𝑞) 12 00110010101010100101001010010010 IITM: Formal Methods: Header Space Analysis 11

  12. Header Space Analysis  Box Transfer Function 𝑈 ℎ, 𝑞 : ℎ, 𝑞 → ℎ 1 , 𝑞 1 , ℎ 2 , 𝑞 2 , … 𝐂𝐩𝐲 𝑼𝒔𝒃𝒐𝒕𝒈𝒇𝒔 𝑮𝒗𝒐𝒅𝒖𝒋𝒑𝒐 𝑼 𝑺 𝒊 𝒒 𝑼(𝒊, 𝒒) 𝑆 1 { ℎ, 𝑆 2 } 1001xxxx 𝑆 2 { ℎ, 𝑆 1 } 1011xxxx 𝑆 1 { ℎ, 𝑆 2 , ℎ, 𝑆 3 } 1111xxxx … … … IITM: Formal Methods: Header Space Analysis 12

  13. Header Space Analysis  Box Transfer Function 𝑈 ℎ, 𝑞 : ℎ, 𝑞 → ℎ 1 , 𝑞 1 , ℎ 2 , 𝑞 2 , …  Transform Subspace 𝑇 to another Subspace 𝑇 ∗ 𝑼 𝟑 𝑼 𝟐 IITM: Formal Methods: Header Space Analysis 13

  14. Header Space Analysis  Box Transfer Function 𝑈 ℎ, 𝑞 : ℎ, 𝑞 → ℎ 1 , 𝑞 1 , ℎ 2 , 𝑞 2 , …  Reversible: 𝑈 −1 −𝟐 𝑼 𝟑 −𝟐 𝑼 𝟐 IITM: Formal Methods: Header Space Analysis 14

  15. Example: IPv4-Router  What must an IPv4-Router do?  Rewrite source and destination Mac: 𝑈 𝑛𝑏𝑑 ( ) 𝑈 𝑢𝑢𝑚 ( )  Decrement TTL: 𝑈 𝑑ℎ𝑙𝑡𝑣𝑛 ( )  Update checksum: 𝑈 𝑔𝑥𝑒  Forward packet : 𝑈 𝐽𝑄𝑤4 . = 𝑈 𝑔𝑥𝑒 𝑈 𝑑ℎ𝑙𝑡𝑣𝑛 𝑈 𝑢𝑢𝑚 𝑈 𝑛𝑏𝑑 . IITM: Formal Methods: Header Space Analysis 15

  16. Example: IPv4-Router  Rewrite source and destination Mac: 𝑈 𝑛𝑏𝑑 ( ) ignored 𝑈 𝑢𝑢𝑚 ( )  Decrement TTL: ignored 𝑈 𝑑ℎ𝑙𝑡𝑣𝑛 ( )  Update checksum: ignored 𝑈 𝑔𝑥𝑒  Forward packet: 𝑈 𝐽𝑄𝑤4 . = 𝑈 𝑔𝑥𝑒 . IITM: Formal Methods: Header Space Analysis 16

  17. Example: IPv4-Router ℎ, 𝑞 1 𝑗𝑔 𝑗𝑞_𝑒𝑡𝑢(ℎ) ∈ 𝑇 1 ℎ, 𝑞 2 𝑗𝑔 𝑗𝑞_𝑒𝑡𝑢(ℎ) ∈ 𝑇 2 𝑈 𝐽𝑄𝑤4 ℎ, 𝑞 = ℎ, 𝑞 3 𝑗𝑔 𝑗𝑞_𝑒𝑡𝑢(ℎ) ∈ 𝑇 3 𝑝𝑢ℎ𝑓𝑠𝑥𝑗𝑡𝑓 𝑻 𝟑 𝒒 𝟑 𝒒 𝟒 𝑻 𝟐 𝑻 𝟒 𝑺 𝑱𝑸𝒘𝟓 𝒒 𝟐 IITM: Formal Methods: Header Space Analysis 17

  18. Header Space Analysis  Box Transfer Function 𝑈 ℎ, 𝑞 : ℎ, 𝑞 → ℎ 1 , 𝑞 1 , ℎ 2 , 𝑞 2 , …  Network Transfer Function Ψ( ) 𝑈 1 ℎ, 𝑞 𝑗𝑔 𝑞 ∈ 𝑡𝑥𝑗𝑢𝑑ℎ 1 Ψ ℎ, 𝑞 = … … 𝑈 𝑜 ℎ, 𝑞 𝑗𝑔 𝑞 ∈ 𝑡𝑥𝑗𝑢𝑑ℎ 𝑜  Topology Transfer Function Γ Γ ℎ, 𝑞 = (ℎ, 𝑞 ∗ ) 𝑗𝑔 𝑞 𝑑𝑝𝑜𝑜𝑓𝑑𝑢𝑓𝑒 𝑢𝑝 𝑞 ∗ {} 𝑗𝑔 𝑞 𝑗𝑡 𝑜𝑝𝑢 𝑑𝑝𝑜𝑜𝑓𝑑𝑢𝑓𝑒 IITM: Formal Methods: Header Space Analysis 18

  19. Header Space Analysis  Multihop Packet Traversal Φ . = Ψ(Γ (.))  Position(s) of (h,p) after k steps: Φ 𝑙 (ℎ, 𝑞) = Ψ(Γ(… (Ψ Γ ℎ, 𝑞 … = ℎ 1 , 𝑞 1 , … IITM: Formal Methods: Header Space Analysis 19

  20. Reachability  “Can Host A talk to Host B?“  Wildcard expression ∈ 0, 1, 𝑦 𝑀 E. g. 1001xxxx like 192.168.x.x  Send Wildcard header from A and check if it ever reaches B 𝒚𝒚𝒚𝒚𝒚𝒚𝒚𝒚 … 𝑩 𝑪 IITM: Formal Methods: Header Space Analysis 20

  21. Reachability  Send Wildcard header from A and check if it ever reaches B 𝑏 → 𝑇 1 → … → 𝑇 𝑜−1 → 𝑇 𝑜 → 𝑐 𝑆 𝑏→𝑐 = {𝑈 𝑜 (Γ(𝑈 𝑜−1 … Γ 𝑈 1 ℎ, 𝑞 … } 𝑏→𝑐 𝑞𝑏𝑢ℎ𝑡 {𝟐𝟏𝟏𝟐𝟏𝒚𝟐𝟏, 𝟏𝟐𝟏𝟐𝟐𝒚𝟐𝟏} 𝒚𝒚𝒚𝒚𝒚𝒚𝒚𝒚 … 𝑩 𝑪 IITM: Formal Methods: Header Space Analysis 21

  22. Reachability  Use 𝑈 −1 and Γ −1 = Γ to get the original header −1 (Γ 𝑈 −1 ℎ, 𝑐 … ) −1 (Γ(… (𝑈 ℎ 𝑏 = 𝑈 1 𝑜−1 𝑜 {𝟐𝟏𝟏𝟐𝟏𝒚𝟐𝟏, 𝟐𝟏𝟏𝟐𝟐𝒚𝟐𝟏} {𝟐𝟏𝟏𝟐𝟏𝒚𝟐𝟏, 𝟏𝟐𝟏𝟐𝟐𝒚𝟐𝟏} 𝒚𝒚𝒚𝒚𝒚𝒚𝒚𝒚 … 𝑩 𝑪 IITM: Formal Methods: Header Space Analysis 22

  23. Complexity 𝑆 𝑏→𝑐 = {𝑈 𝑜 (Γ(𝑈 𝑜−1 … Γ 𝑈 1 ℎ, 𝑞 … } 𝑏→𝑐 𝑞𝑏𝑢ℎ𝑡  Worst Case:  Single box: 𝑃 𝑆 1 𝑆 2  𝑆 1 : Number of wildcard expressions  𝑆 2 : Number of rules of Transfer function  Overall network: 𝑃 𝑆 1 𝑆 2 … 𝑆 𝑜 = 𝑃 𝑆 𝑒  𝑒 ∶ Diameter of Network  𝑆 ∶ Maximum number of forwarding rules IITM: Formal Methods: Header Space Analysis 23

  24. Complexity  But: Linear Fragmentation Assumption:  Not 𝑆 1 𝑆 2 only 𝑑𝑆 1 and 𝑑 ≪ 𝑆 2 𝑒 ∗ 𝑃 𝑆 2 = 𝑃(𝑒𝑆 2 )  𝑒 ∶ Diameter of Network  𝑆 ∶ Maximum number of forwarding rules IITM: Formal Methods: Header Space Analysis 24

  25. Reachability Example  Which header can reach 𝑐 from 𝑏 ? 𝑪 𝒃 𝑩 𝑬 𝒄 𝑫 IITM: Formal Methods: Header Space Analysis 25

  26. Reachability Example  2 different paths 𝑪 𝟏 𝑪 𝟐 𝑪 𝑬 𝟏 𝑩 𝟐 𝑬 𝟐 𝒃 𝑩 𝑬 𝒄 𝑩 𝟏 𝑩 𝟑 𝑬 𝟑 𝑫 𝑫 𝟏 𝑫 𝟐 IITM: Formal Methods: Header Space Analysis 26

  27. Reachability Example 𝒊, 𝑩 𝟏 𝒋𝒈 𝒊 = 𝟐𝟏𝟏𝟐𝒚𝒚𝒚𝒚 𝒊, 𝑩 𝟐 𝒋𝒈 𝒊 = 𝟐𝟏𝟐𝟏𝒚𝒚𝒚𝒚 𝑼 𝑩 𝒊, 𝒒 = 𝒊, 𝑩 𝟑 𝒋𝒈 𝒊 = 𝟐𝟐𝟏𝟏𝒚𝒚𝒚𝒚 𝒚𝒚𝒚𝒚 𝒚𝒚𝒚𝒚 𝟐𝟏𝟐𝟏 𝒚𝒚𝒚𝒚 𝑪 𝟏 𝑪 𝟐 𝑪 𝑩 𝟐 𝑬 𝟏 𝑬 𝟐 𝒃 𝑩 𝑬 𝒄 𝑩 𝟏 IITM: Formal Methods: Header Space Analysis 27 𝑫 𝟏 𝑫 𝟐

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Introduction to the TEI header What is the TEI header? The TEI header (<teiHeader>) is the

Introduction to the TEI header What is the TEI header? The TEI header (<teiHeader>) is the

Introduction to the TEI header What is the TEI header? The TEI header (<teiHeader>) is the virtual ttle page of a TEI document. It contains metadata (informaton about the TEI document). <teiHeader> is the frst, mandatory child

543 views • 21 slides
Introduction to the TEI header What is the TEI header?

Introduction to the TEI header What is the TEI header?

Introduction to the TEI header What is the TEI header? TheTEIheader(<teiHeader>)isthevirtual6tle pageofaTEIdocument.Itcontainsmetadata (informa6onabouttheTEIdocument).

1.04k views • 31 slides
EMPRESSExtensible Metadata PRovider with even amount of white space between photos and header

EMPRESSExtensible Metadata PRovider with even amount of white space between photos and header

Photos placed in horizontal position EMPRESSExtensible Metadata PRovider with even amount of white space between photos and header for Extreme-scale Scientific Simulations Margaret Lawson , Jay Lofstead, Scott Levy, Patrick Widener, Craig

640 views • 21 slides
HTTP Header Analysis Roland Zegers System and Network Engineering 01 July 2015 Roland Zegers

HTTP Header Analysis Roland Zegers System and Network Engineering 01 July 2015 Roland Zegers

HTTP Header Analysis Roland Zegers System and Network Engineering 01 July 2015 Roland Zegers HTTP Header Analysis Introduction HTTP: used for communication of webtraffic Headers provide information about the source system, the software and

526 views • 14 slides
Header Header Supported by: Miss Elwell Mrs Barlow Miss Kent Miss Abrahams 7RX 7DX 7EX

Header Header Supported by: Miss Elwell Mrs Barlow Miss Kent Miss Abrahams 7RX 7DX 7EX

Header Header Supported by: Miss Elwell Mrs Barlow Miss Kent Miss Abrahams 7RX 7DX 7EX 7SX Mrs Crawford 7DY Miss Green Mr OReilly Mr Musser Mrs Hanly 7SY 7DY 7EY 7RY Mrs Harris 7RX Header Our communication channels:

626 views • 19 slides
Measurement of IPv6 Extension Header Support Geoff Huston APNIC Labs IPv6 Extension Header The

Measurement of IPv6 Extension Header Support Geoff Huston APNIC Labs IPv6 Extension Header The

Measurement of IPv6 Extension Header Support Geoff Huston APNIC Labs IPv6 Extension Header The extension header sits between the IPv6 packet header and the upper level protocol header for the leading fragged packet, and sits between the

830 views • 21 slides
IP Spoofing Detection Through Time to Live Header Analysis Final Talk BSc Informatics Arno Hilke

IP Spoofing Detection Through Time to Live Header Analysis Final Talk BSc Informatics Arno Hilke

Chair for Network Architectures and Services Technische Universitt Mnchen IP Spoofing Detection Through Time to Live Header Analysis Final Talk BSc Informatics Arno Hilke Supervisor : Prof. Dr.-Ing. Georg Carle Advisors : Quirin Scheitle,

663 views • 16 slides
Oracle SOA Suite Enterprise Service Bus Oracle Integration Product Management Oracle ESB Header

Oracle SOA Suite Enterprise Service Bus Oracle Integration Product Management Oracle ESB Header

Oracle SOA Suite Enterprise Service Bus Oracle Integration Product Management Oracle ESB Header Support Slide 2 ES B Header S upport Use Cases Files, JMS , AQ, MQ, B2B, Apps Header Transformation Uses XS L

617 views • 20 slides
Downgrading TODO fujiwara@jprs.co.jp Envelope downgrading Dowingrading requires

Downgrading TODO fujiwara@jprs.co.jp Envelope downgrading Dowingrading requires

Downgrading TODO fujiwara@jprs.co.jp Envelope downgrading Dowingrading requires IMA-Downgraded-From, IMA-Downgraded-To header definition in utf8header draft. Selecting header downgrading method Received header issue I suppose header contains

283 views • 4 slides
Mr Lach Assistant Headteacher Ms Allen - Headteacher Header Another Year of Success Header

Mr Lach Assistant Headteacher Ms Allen - Headteacher Header Another Year of Success Header

Mr Lach Assistant Headteacher Ms Allen - Headteacher Header Another Year of Success Header Success by any measure 85% 5A*- C including English and Maths 90% 5A*- C 43% A*/A 19 departments achieved 90%+ 28 students achieved 10

1.01k views • 67 slides
IP Version 6 The explosive growth of the Internet IPv4 address space, 32-bit Real-time

IP Version 6 The explosive growth of the Internet IPv4 address space, 32-bit Real-time

IP Version 6 The explosive growth of the Internet IPv4 address space, 32-bit Real-time and interactive applications Expanded address space, 128 bits Simplified header format Enabling easier processing of IP datagrams

852 views • 15 slides
TRILL Header Extension Simplifica8ons Donald Eastlake 3 rd

TRILL Header Extension Simplifica8ons Donald Eastlake 3 rd

TRILL Header Extension Simplifica8ons Donald Eastlake 3 rd Huawei Technologies d3e3e3@gmail.com July 2011 1 TRILL Data Frame Format Link Specific Header TRILL

576 views • 14 slides
The new Gforth Header Bernd Paysan, net2o M. Anton Ertl, TU Wien Traditional Header New

The new Gforth Header Bernd Paysan, net2o M. Anton Ertl, TU Wien Traditional Header New

The new Gforth Header Bernd Paysan, net2o M. Anton Ertl, TU Wien Traditional Header New Requirements Complete Name Long Name alias compile-only machine-independence Old Gforth Header Complete Name Long Name alias compile-only

258 views • 21 slides
You can bold , italicize , underline, and add color to text. You can also change the font size. In

You can bold , italicize , underline, and add color to text. You can also change the font size. In

An introduction to L A T EX Your Name Here August 21, 2018 1 Section headers You will likely organize your T EX file using sections, 1.1 A subsection header and subsections, 1.1.1 A subsubsection header and subsubsections! A sub sub

439 views • 4 slides
Example Start of header Ident = x 0 Offset = 0 The host want to send a packet to a certain

Example Start of header Ident = x 0 Offset = 0 The host want to send a packet to a certain

Routing with subnetting Example Start of header Ident = x 0 Offset = 0 The host want to send a packet to a certain IP address Rest of header 1). Bitwise AND between its own subnet mask & the destination IP address 1400 data bytes

823 views • 4 slides
CCR Photos placed in horizontal position with even amount of white space between photos and

CCR Photos placed in horizontal position with even amount of white space between photos and

CCR Photos placed in horizontal position with even amount of white space between photos and header Center for Computing Research Comparing global link arrangements for Dragonfly networks Has7ngs,

867 views • 50 slides
2 Process images Detailed image is in lecture note on assembly ( x86_64 Assembly language )

2 Process images Detailed image is in lecture note on assembly ( x86_64 Assembly language )

1 TDT4205 Grand Summary, pt. 2 2 Process images Detailed image is in lecture note on assembly ( x86_64 Assembly language ) Most of the detail level is relevant first at the system level, but high IR can well be planned with the aim of

468 views • 24 slides
Advanced Compiler Techniques 2004-03-19 08:51 Foundations of Dataflow Analysis This lecture is

Advanced Compiler Techniques 2004-03-19 08:51 Foundations of Dataflow Analysis This lecture is

Advanced Compiler Techniques 2004-03-19 08:51 Foundations of Dataflow Analysis This lecture is primarily based on Konstantinos Sagonas set of slides (Advanced ed Co Compiler er T Techniques es , (2AD518) at Uppsala University,

932 views • 25 slides
Chapter 11 Design of Control Systems

Chapter 11 Design of Control Systems

Chapter 11 Design of Control Systems 2 2548 1 240-209 : Design of control systems Outline 1 P

809 views • 32 slides
Principles of Program Analysis: Data Flow Analysis Transparencies based on Chapter 2 of the book:

Principles of Program Analysis: Data Flow Analysis Transparencies based on Chapter 2 of the book:

Principles of Program Analysis: Data Flow Analysis Transparencies based on Chapter 2 of the book: Flemming Nielson, Hanne Riis Nielson and Chris Hankin: Principles of Program Analysis. Springer Verlag 2005. c Flemming Nielson & Hanne

380 views • 35 slides
Forward Modelling in Cosmology Alexandre Refregier ICTP 14.5.2015 Cosmological Probes Cosmic

Forward Modelling in Cosmology Alexandre Refregier ICTP 14.5.2015 Cosmological Probes Cosmic

Forward Modelling in Cosmology Alexandre Refregier ICTP 14.5.2015 Cosmological Probes Cosmic Microwave Background Gravitational Lensing Supernovae Galaxy Clustering Wide-Field Instruments CMB Planck, SPT, ACT, Keck Imaging VST, DES,

439 views • 18 slides
Lect. 12 Summary, Clas. Phys. - Michelson-Morley Exp. Summary of Classical Physics Announcements

Lect. 12 Summary, Clas. Phys. - Michelson-Morley Exp. Summary of Classical Physics Announcements

Lect. 12 Summary, Clas. Phys. - Michelson-Morley Exp. Summary of Classical Physics Announcements Start the Revolutions of Modern Physics Today: Summary of Classical Physics Classical Physics in 1880s The beginning of a new scientific

286 views • 6 slides
The Relativistic Quantum World A lecture series on Relativity Theory and Quantum Mechanics Marcel

The Relativistic Quantum World A lecture series on Relativity Theory and Quantum Mechanics Marcel

The Relativistic Quantum World A lecture series on Relativity Theory and Quantum Mechanics Marcel Merk University of Maastricht, Sept 14 Oct 12, 2017 Introduction Email: marcel.merk@nikhef.nl Website: www.nikhef.nl/~i93 CV: Current

683 views • 24 slides
Ch 11/12: Manipulate, Facet timing presentation topic choices due this Friday (Oct 27) at

Ch 11/12: Manipulate, Facet timing presentation topic choices due this Friday (Oct 27) at

Today Presentation topic choices Ch 11/12: Manipulate, Facet timing presentation topic choices due this Friday (Oct 27) at noon presentation topics post your choice to discussion thread on Canvas: 1 or 2 topic choices Paper:

274 views • 5 slides

More recommend