1
哈工大计算机学院李全龙Network Application Development Tunneling and Application Gateway 1
Chapter 5: Tunneling and Application Gateway
Chapter goal:
? Multiprotocol environment
? Mixing network technologies
? Encapsulation and tunneling
? Clients and servers in constrained
environments
? Application gateways
? Application gateway examples
哈工大计算机学院李全龙Network Application Development Tunneling and Application Gateway 2
Chapter 5: Tunneling and Application Gateway
Chapter goal:
? Multiprotocol environment
? Mixing network technologies
? Encapsulation and tunneling
? Clients and servers in constrained
environments
? Application gateways
? Application gateway examples
哈工大计算机学院李全龙Network Application Development Tunneling and Application Gateway 3
Multiprotocol environment
? Not all machines provide complete TCP/IP
support
? Not all organizations use TCP/IP exclusively
to interconnect computers.
? Most large organizations have several
groups of machines, with group using its own
protocol suite, because:
? Networking has evolved slowly
? Vendors promoted proprietary network systems
? TCP/IP not always available
? Minimize expense
? User habits
哈工大计算机学院李全龙Network Application Development Tunneling and Application Gateway 4
Multiprotocol environment
? Chief disadvantages:
? Duplication of effort
? Limitations of interoperability
…
Hosts using TCP/IP
Ethernet
1
…
Hosts using TCP/IP
Ethernet
2
Wide area
network
that uses
ATM
Hosts using ATM Hosts using ATM
哈工大计算机学院李全龙Network Application Development Tunneling and Application Gateway 5
Chapter 5: Tunneling and Application Gateway
Chapter goal:
? Multiprotocol environment
? Mixing network technologies
? Encapsulation and tunneling
? Clients and servers in constrained
environments
? Application gateways
? Application gateway examples
哈工大计算机学院李全龙Network Application Development Tunneling and Application Gateway 6
Mixing network technologies
? TCP/IP internet consists of a set of host
interconnected by IP gateways (routers).
? Other internets use other protocols (e.g.
DECNET, SNA…)
? It should be possible to substitute any
transport-level switching service in place of
a single physical link in another packet
switching system.
? Many internets have been built that use
switched technologies instead of physical
networks.
? For example:
2
哈工大计算机学院李全龙Network Application Development Tunneling and Application Gateway 7
Mixing network technologies
…
Hosts using TCP/IP
Ethernet
1
…
Hosts using TCP/IP
Ethernet
2
Wide area
network
that uses
ATM
Hosts using ATM Hosts using ATM
IP gateway IP gateway
哈工大计算机学院李全龙Network Application Development Tunneling and Application Gateway 8
Mixing network technologies
? From the view of IP gateway
? ATM provides a link
? From the view of ATM
? Software on two IP gateways acts like
application software
…
Hosts using TCP/IP
Ethernet
1
…
Hosts using TCP/IP
Ethernet
2
Wide area
network that
uses ATM
Hosts using ATM Hosts using ATM
IP gateway IP gateway
哈工大计算机学院李全龙Network Application Development Tunneling and Application Gateway 9
Mixing network technologies
? Dynamic circuit allocation
? The static scheme needs N*(N-1)/2 circuit
? Each circuit requires both hardware and
software resources
? The dynamic scheme allocate circuit on demand
…
Hosts using TCP/IP
Ethernet
1
…
Hosts using TCP/IP
Ethernet
2
Wide area
network that
uses ATM
Hosts using ATM Hosts using ATM
IP gateway IP gateway
哈工大计算机学院李全龙Network Application Development Tunneling and Application Gateway 10
Chapter 5: Tunneling and Application Gateway
Chapter goal:
? Multiprotocol environment
? Mixing network technologies
? Encapsulation and tunneling
? Clients and servers in constrained
environments
? Application gateways
? Application gateway examples
哈工大计算机学院李全龙Network Application Development Tunneling and Application Gateway 11
Encapsulation and tunneling
? Encapsulation refers to how the network interface
uses packet switching hardware.
? Tunneling refers to the use of a transport network
service to carry packets or messages from another
service.
? IP encapsulates each datagram in a packet when it
uses the hardware directly.
? IP creates tunnel when it uses a high-level
transport delivery service to send datagram from
one point to another.
? Key difference: whether IP transmits datagrams in
hardware packets or uses a high-level transport
service
哈工大计算机学院李全龙Network Application Development Tunneling and Application Gateway 12
Tunneling through an IP
internet
? Most tunneling now occurs because vendors
use IP protocols to deliver packets from
non-TCP/IP protocols.
? IP now provides the widest connectivity
among the computers at most organizations.
? Software is currently available that uses IP
to carry IPX, SNA and other high-level
protocol traffic.
? IP network can also be used to carry new
protocols traffic, to allow designers to
build and debug new protocols.
3
哈工大计算机学院李全龙Network Application Development Tunneling and Application Gateway 13
App-level Tunneling between
clients and servers
? Application-level tunneling
? App-level tunneling makes it possible for clients and servers
to use IP protocols to communicate across a non-IP network.
? There need a socket simulation library.
UDP client app.
Socket simulation
library
UDP client app.
Socket simulation
library
Operating system
with support for
network system
Operating system
with support for
network system
Network
system
哈工大计算机学院李全龙Network Application Development Tunneling and Application Gateway 14
Tunneling, Encapsulation, and
Dialup Phone Lines
? SLIP and PPP have bees designed to send IP
across a dialup channel.
? Should IP transmission across a dialup connection
be viewed as a form of tunneling or encapsulation?
? Two opinions
哈工大计算机学院李全龙Network Application Development Tunneling and Application Gateway 15
Chapter 5: Tunneling and Application Gateway
Chapter goal:
? Multiprotocol environment
? Mixing network technologies
? Encapsulation and tunneling
? Clients and servers in constrained
environments
? Application gateways
? Application gateway examples
哈工大计算机学院李全龙Network Application Development Tunneling and Application Gateway 16
Clients and servers in
constrained environments
? The reality of multiple technologies
? Not all computers have direct access to the Internet
? Access limitations can complicate client and servers
? Economic, political and technical reasons
? Result in incompatible systems without
interoperability
? Computers with limited functionality
? Connectivity constrains that arise from security
? Partition computers into secure and unsecure subsets.
? Computers in one partition cannot directly access
services available on computers in the other partition.
哈工大计算机学院李全龙Network Application Development Tunneling and Application Gateway 17
Chapter 5: Tunneling and Application Gateway
Chapter goal:
? Multiprotocol environment
? Mixing network technologies
? Encapsulation and tunneling
? Clients and servers in constrained
environments
? Application gateways
? Application gateway examples
哈工大计算机学院李全龙Network Application Development Tunneling and Application Gateway 18
Using application gateways
? A single, powerful technique to overcome
connectivity constraints-application gateway.
? Adding application programs that run on
intermediate machines
? Relay information
? Intermediate machine is called gateway machine.
? For example, mail gateway
4
哈工大计算机学院李全龙Network Application Development Tunneling and Application Gateway 19
Mail gateway
TCP/IP
internet
NUENET
network
OS with both
TCP/IP and
UUCP support
App.
gateway
Host on the
TCP/IP internet
Host on the
USENET network
Interface to
TCP/IP mail system
Interface to
UUCP mail system
哈工大计算机学院李全龙Network Application Development Tunneling and Application Gateway 20
A comparison of application
gateways and tunneling
? Application gateway +
? Without modifying the computer’s OS
? Can be built using conventional programming tools
? Does not require any change to the underlying
protocol software
? The site can use standard client and server
programs
? Allows all existing network systems to continue
operation undisturbed
? Manager and users do not need to learn about
new technologies
? Do not need change any physical network
connections
哈工大计算机学院李全龙Network Application Development Tunneling and Application Gateway 21
A comparison of application
gateways and tunneling
? Application gateway -
? A separate application gateway program for each
service
? Require additional hardware resources
? May need add network connections
? Introduce computational delay
? Clients may timeout and resend a message
哈工大计算机学院李全龙Network Application Development Tunneling and Application Gateway 22
A comparison of application
gateways and tunneling
? Tunneling +
? Does not need any changes when new services
appear
? Can be used for any application service
? Provides uniformity
? Tunneling -
? Modify the OS on the gateway
? Modify software on hosts
? Impact on users
? A change in the underlying network protocols
usually results in changes to clients software with
which users interact.
哈工大计算机学院李全龙Network Application Development Tunneling and Application Gateway 23
Application gateways and
limited functionality systems
? The OS of PC often do not support for
concurrent processing
? Limits client-server interaction
? Use an app gateway
IP
gateway
OS
Mail
server
App.
gateway
Large computer that
runs both a mail
server and an
application gateway
To rest of internet
Small hosts incapable of running a mail server
哈工大计算机学院李全龙Network Application Development Tunneling and Application Gateway 24
Application gateways used for
secutity
? Many organizations choose application gateway to
solve the problem of security
IP
gateway
OS
App.
gateway
a computer that runs the
site’s app gateway for
remote login. The application
gateway controls remote acc.
IP gateway filters
remote login packets
except from or to
app gateway
Conventional hosts prohibited from sending remote login packets except through app gateway
5
哈工大计算机学院李全龙Network Application Development Tunneling and Application Gateway 25
Application gateways and the
extra hop problem
IP
gateway
To rest of internet
IP
gateway
App
gateway
machine
To rest of internet
哈工大计算机学院李全龙Network Application Development Tunneling and Application Gateway 26
Application gateways examples
FTP
server
Web
server
CGI
prgrm
Disk
Browser
HTTP used FTP used
Gateway Cmptr
User Cmptr.
FTP Cmptr
? Web-based application gateway
哈工大计算机学院李全龙Network Application Development Tunneling and Application Gateway 27
Application gateways examples
Dialup
phone
sys
Dialup
phone
sys
OS with support
for TCP/IP
SLIRP
gateway
Home computer
using SLIP or PPP
Host on the
TCP/IP Internet
Interface to
dialup modem
Standard socket
interface to TCP/IP
哈工大计算机学院李全龙Network Application Development Tunneling and Application Gateway 28
Chapter 5: Tunneling and Application Gateway
We have learned:
? Multiprotocol environment
? Mixing network technologies
? Encapsulation and tunneling
? Clients and servers in constrained
environments
? Application gateways
? Application gateway examples