Li Quanlong, School of Computer Science, Harbin Institute of Technology
Network Application Development

Chapter 5: Tunneling and Application Gateway

Chapter goal:
- Multiprotocol environment
- Mixing network technologies
- Encapsulation and tunneling
- Clients and servers in constrained environments
- Application gateways
- Application gateway examples

Multiprotocol environment
- Not all machines provide complete TCP/IP support.
- Not all organizations use TCP/IP exclusively to interconnect computers.
- Most large organizations have several groups of machines, with each group using its own protocol suite, because:
  - Networking has evolved slowly
  - Vendors promoted proprietary network systems
  - TCP/IP is not always available
  - Minimizing expense
  - User habits
- Chief disadvantages:
  - Duplication of effort
  - Limitations of interoperability
[Figure: hosts using TCP/IP on Ethernet 1 and on Ethernet 2; a wide area network that uses ATM; hosts using ATM]

Mixing network technologies
- A TCP/IP internet consists of a set of hosts interconnected by IP gateways (routers).
- Other internets use other protocols (e.g. DECNET, SNA…).
- It should be possible to substitute any transport-level switching service in place of a single physical link in another packet switching system.
- Many internets have been built that use switched technologies instead of physical networks.
- For example:
[Figure: hosts using TCP/IP on Ethernet 1 and on Ethernet 2, each Ethernet attached through an IP gateway to a wide area network that uses ATM; hosts using ATM on the wide area network]
- From the view of the IP gateway:
  - ATM provides a link
- From the view of ATM:
  - Software on the two IP gateways acts like application software
- Dynamic circuit allocation:
  - The static scheme needs N*(N-1)/2 circuits
  - Each circuit requires both hardware and software resources
  - The dynamic scheme allocates circuits on demand

Encapsulation and tunneling
- Encapsulation refers to how the network interface uses packet switching hardware.
- Tunneling refers to the use of a transport network service to carry packets or messages from another service.
- IP encapsulates each datagram in a packet when it uses the hardware directly.
- IP creates a tunnel when it uses a high-level transport delivery service to send datagrams from one point to another.
- Key difference: whether IP transmits datagrams in hardware packets or uses a high-level transport service.

Tunneling through an IP internet
- Most tunneling now occurs because vendors use IP protocols to deliver packets from non-TCP/IP protocols.
- IP now provides the widest connectivity among the computers at most organizations.
- Software is currently available that uses IP to carry IPX, SNA and other high-level protocol traffic.
- An IP network can also be used to carry traffic for new protocols, allowing designers to build and debug new protocols.

App-level tunneling between clients and servers
- Application-level tunneling makes it possible for clients and servers to use IP protocols to communicate across a non-IP network.
- A socket simulation library is needed.
[Figure: two computers, each running a UDP client app. on a socket simulation library over an operating system with support for the network system, connected by the network system]

Tunneling, encapsulation, and dialup phone lines
- SLIP and PPP have been designed to send IP across a dialup channel.
- Should IP transmission across a dialup connection be viewed as a form of tunneling or encapsulation?
- Two opinions

Clients and servers in constrained environments
- The reality of multiple technologies
  - Not all computers have direct access to the Internet
  - Access limitations can complicate clients and servers
  - Economic, political and technical reasons
  - Result in incompatible systems without interoperability
- Computers with limited functionality
- Connectivity constraints that arise from security
  - Partition computers into secure and unsecure subsets.
  - Computers in one partition cannot directly access services available on computers in the other partition.

Using application gateways
- A single, powerful technique to overcome connectivity constraints: the application gateway.
- Adding application programs that run on intermediate machines
- Relay information
- The intermediate machine is called a gateway machine.
- For example, a mail gateway

Mail gateway
[Figure: an app. gateway running on an OS with both TCP/IP and UUCP support, with an interface to the TCP/IP mail system and an interface to the UUCP mail system, placed between a host on the TCP/IP internet and a host on the USENET network]

A comparison of application gateways and tunneling
- Application gateway (+)
  - Without modifying the computer's OS
  - Can be built using conventional programming tools
  - Does not require any change to the underlying protocol software
  - The site can use standard client and server programs
  - Allows all existing network systems to continue operation undisturbed
  - Managers and users do not need to learn about new technologies
  - No need to change any physical network connections
- Application gateway (-)
  - A separate application gateway program for each service
  - Requires additional hardware resources
  - May need to add network connections
  - Introduces computational delay
  - Clients may time out and resend a message
- Tunneling (+)
  - Does not need any changes when new services appear
  - Can be used for any application service
  - Provides uniformity
- Tunneling (-)
  - Modify the OS on the gateway
  - Modify software on hosts
  - Impact on users
  - A change in the underlying network protocols usually results in changes to the client software with which users interact.

Application gateways and limited functionality systems
- The OS of a PC often does not support concurrent processing
- Limits client-server interaction
- Use an app gateway
[Figure: a large computer that runs both a mail server and an application gateway (OS, mail server, app. gateway), connected through an IP gateway to the rest of the internet; small hosts incapable of running a mail server]

Application gateways used for security
- Many organizations choose an application gateway to solve the problem of security
[Figure: an IP gateway, conventional hosts, and a computer (OS, app. gateway) that runs the site's app gateway for remote login, with these annotations:]
- The application gateway controls remote acc.
- The IP gateway filters remote login packets except from or to the app gateway
- Conventional hosts are prohibited from sending remote login packets except through the app gateway

Application gateways and the extra hop problem
[Figure labels: IP gateway, to rest of internet; IP gateway, app gateway machine, to rest of internet]

Application gateways examples
- Web-based application gateway
[Figure: a browser on the user computer uses HTTP to reach a Web server and CGI program on the gateway computer, which uses FTP to reach an FTP server and disk on the FTP computer]
- SLIRP gateway
[Figure: a home computer using SLIP or PPP connects over the dialup phone system to a SLIRP gateway, which runs on an OS with support for TCP/IP and has an interface to the dialup modem and a standard socket interface to TCP/IP, reaching a host on the TCP/IP Internet]

Chapter 5: Tunneling and Application Gateway

We have learned:
- Multiprotocol environment
- Mixing network technologies
- Encapsulation and tunneling
- Clients and servers in constrained environments
- Application gateways
- Application gateway examples
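
The filtering rule from the "Application gateways used for security" slide (the IP gateway passes remote login packets only from or to the app gateway), written out as an added example that is not part of the original slides. The addresses, the choice of TCP ports 23 (telnet) and 513 (rlogin) as "remote login", and the spoofed-source check are assumptions added here.

```python
import ipaddress
from dataclasses import dataclass

# Constructed values, not from the slides: documentation address ranges, and
# "remote login" taken to mean TCP telnet (23) or rlogin (513).
SITE_NET = ipaddress.ip_network("192.0.2.0/24")
APP_GATEWAY = ipaddress.ip_address("192.0.2.10")
REMOTE_LOGIN_PORTS = {23, 513}

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str
    sport: int
    dport: int
    from_outside: bool  # True if it arrived on the IP gateway's external interface

def is_remote_login(pkt):
    # Match either direction of a session: requests (dport) and replies (sport).
    return pkt.proto == "tcp" and bool({pkt.sport, pkt.dport} & REMOTE_LOGIN_PORTS)

def ip_gateway_decision(pkt):
    """Return (action, reason) for a packet crossing the site's IP gateway."""
    src, dst = ipaddress.ip_address(pkt.src), ipaddress.ip_address(pkt.dst)
    # Added refinement: a site address arriving from outside is spoofed, so the
    # "from the app gateway" exception must not apply to it.
    if pkt.from_outside and src in SITE_NET:
        return "drop", "site source address on external interface"
    if not is_remote_login(pkt):
        return "forward", "not remote login"
    if APP_GATEWAY in (src, dst):
        return "forward", "remote login via app gateway"
    return "drop", "remote login bypassing app gateway"

# Constructed sample traffic.
SAMPLES = [
    Packet("198.51.100.7", "192.0.2.10", "tcp", 40000, 23, True),   # outside -> app gateway
    Packet("192.0.2.10", "198.51.100.7", "tcp", 23, 40000, False),  # reply from app gateway
    Packet("198.51.100.7", "192.0.2.55", "tcp", 40001, 23, True),   # outside -> internal host
    Packet("192.0.2.55", "203.0.113.9", "tcp", 40002, 513, False),  # internal host -> outside
    Packet("192.0.2.10", "192.0.2.55", "tcp", 40003, 23, True),     # spoofed app gateway source
    Packet("192.0.2.55", "203.0.113.9", "tcp", 40004, 25, False),   # mail, not remote login
]

def audit(packets):
    return [(p.src, p.dst, *ip_gateway_decision(p)) for p in packets]

if __name__ == "__main__":
    for row in audit(SAMPLES):
        print(*row)
```

Without the external-interface check, the fifth sample would match the "from app gateway" exception and reach an internal host directly.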