Firewall - Networking - Lecture Slides, Slides of Computer Networks

A lecture from Networking with following key points: Firewall, Blocks Malicious Traffic, Unauthorized Traffic, Packets, Domain Names, Link Layer, Multiple Access Algorithm, Collision Detection, Evolution, Dynamic Host Configuration Protocol, Sending a Packet

Typology: Slides

2013/2014

Uploaded on 01/29/2014

sundar
sundar 🇮🇳

4.7

(9)

104 documents

1 / 77

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
What Is Firewall?
1
Blocks malicious traffic
Blocks unauthorized traffic
docsity.com
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19
pf1a
pf1b
pf1c
pf1d
pf1e
pf1f
pf20
pf21
pf22
pf23
pf24
pf25
pf26
pf27
pf28
pf29
pf2a
pf2b
pf2c
pf2d
pf2e
pf2f
pf30
pf31
pf32
pf33
pf34
pf35
pf36
pf37
pf38
pf39
pf3a
pf3b
pf3c
pf3d
pf3e
pf3f
pf40
pf41
pf42
pf43
pf44
pf45
pf46
pf47
pf48
pf49
pf4a
pf4b
pf4c
pf4d

Partial preview of the text

Download Firewall - Networking - Lecture Slides and more Slides Computer Networks in PDF only on Docsity!

What Is Firewall?

1

Blocks malicious traffic

Blocks unauthorized traffic

ext firewall int VM Linux TCP/IP network stack

**1. Decode the packet

  1. Check the firewall rules
  2. Pass or drop the packet**

Firewall rules

Type 1: a combination of

 Protocol (TCP/UDP/ICMP)  IP address or country (e.g., Canada)  Port number

Type 2: domain names

 E.g., block DNS queries for *.facebook.com 4

5

Last Time

 Three approaches to improving content delivery

 Compensate for TCP’s weaknesses  Caching and replication  Exploit economies of scale

HTTP Performance

 Most Web pages have multiple objects

e.g., HTML file and a bunch of embedded images

 How do you retrieve those objects (naively)?

 One item at a time

 New TCP connection per (small) object  Slow!

 Minimum of 2RTTs per object

Improving HTTP Performance: Persistent Connections  Maintain TCP connection across multiple requests (and even user “sessions”)  Amortize overhead of connection set-up and tear-down  Allow TCP to learn more accurate RTT estimate  Allow TCP congestion window to increase  Default in HTTP/1.

R

T

R

T

Improving HTTP Performance:

Pipelined Requests & Responses

 Batch requests and responses to reduce the number of packets  Multiple requests can be contained in one TCP segment R T R T

Scorecard: Getting n Large Objects

Time dominated by bandwidth

(F is object size, B is bandwidth)

 One-at-a-time: ~ nF/B

 M concurrent: ~ [n/m] F/B

 assuming shared with large population of users  and each TCP connection gets the same bandwidth

 Pipelined and/or persistent: ~ nF/B

 The only thing that helps is getting more bandwidth..

Improving HTTP Performance:

Caching

 Why does caching work?

 Exploits locality of reference

 How well does caching work?

 Very well, up to a limit  Large overlap in content  But many unique requests

Improving HTTP Performance:

Caching: How

 Modifier to GET requests:

 If-modified-since – returns “not modified” if resource not modified since specified time

 Response header:

 Expires – how long it’s safe to cache the resource  No-cache – ignore all caches; always get resource directly from server

Improving HTTP Performance:

Caching: Where?

 Options

 Client  Forward proxies  Reverse proxies  Content Distribution Network